VYPR
Vendor

ECTouch

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2023-39560CriAug 28, 2023
    risk 0.64cvss 9.8epss 0.04

    ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\helpers\insert.php.

  • CVE-2020-21806CriJul 30, 2021
    risk 0.64cvss 9.8epss 0.01

    SQL Injection Vulnerability in ECTouch v2 via the shop page in index.php..

  • CVE-2020-18144CriJul 14, 2021
    risk 0.64cvss 9.8epss 0.01

    SQL Injection Vulnerability in ECTouch v2 via the integral_min parameter in index.php.

  • CVE-2014-5862Sep 10, 2014
    risk 0.00cvss epss 0.00

    The ecalendar2 (aka cn.etouch.ecalendar2) application 4.5.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.