VYPR
Vendor

EVOLUCARE

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2021-3118CriJan 11, 2021
    risk 0.64cvss 9.8epss 0.02

    EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has multiple SQL Injection issues in the login form and the password-forgotten form (such as /req_password_user.php?email=). This allows an attacker to steal data in the database and obtain access to the application. (The…

  • CVE-2021-3029CriJan 7, 2021
    risk 0.64cvss 9.8epss 0.03

    EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. The parameter "file" on the webpage /showfile.php can be exploited to gain root access. NOTE: This vulnerability only affects…

  • CVE-2023-26913MedMar 22, 2023
    risk 0.40cvss 6.1epss 0.00

    EVOLUCARE ECSIMAGING (aka ECS Imaging) < 6.21.5 is vulnerable to Cross Site Scripting (XSS) via new_movie. php.