Vulnerabilities (CVE)

Filtered by vendor Evolucare Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3029 1 Evolucare 1 Ecs Imaging 2024-08-03 10.0 HIGH 9.8 CRITICAL
EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. The parameter "file" on the webpage /showfile.php can be exploited to gain root access. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2023-26913 1 Evolucare 1 Ecs Imaging 2024-08-02 N/A 6.1 MEDIUM
EVOLUCARE ECSIMAGING (aka ECS Imaging) < 6.21.5 is vulnerable to Cross Site Scripting (XSS) via new_movie. php.