VYPR
Vendor

Earcms

Products
2
CVEs
2
Across products
2
Status
Private

Products

2

Recent CVEs

2
  • CVE-2020-18912CriAug 29, 2023
    risk 0.64cvss 9.8epss 0.01

    An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via the uload/index-uplog.php.

  • CVE-2017-11756HigJul 30, 2017
    risk 0.46cvss 7.0epss 0.01

    In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4a in admin.php?iframe=config_upload, and then using user.php/music/add/ to…