VYPR

ECM Address Book

by EGavilan Media

CVEs (2)

  • CVE-2020-29474CriDec 24, 2020
    risk 0.64cvss 9.8epss 0.04

    EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.

  • CVE-2020-35276CriDec 21, 2020
    risk 0.64cvss 9.8epss 0.02

    EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.