VYPR

EIP

by Hgiga

CVEs (3)

  • CVE-2021-22851CriJan 19, 2021
    risk 0.64cvss 9.8epss 0.01

    HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (document management page) to obtain database schema and data.

  • CVE-2021-22852HigJan 19, 2021
    risk 0.57cvss 8.8epss 0.01

    HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into specific URL parameter (online registration) to obtain database schema and data.

  • CVE-2021-22850MedJan 19, 2021
    risk 0.35cvss 5.3epss 0.01

    HGiga EIP product lacks ineffective access control in certain pages that allow attackers to access database or perform privileged functions.