Vulnerabilities (CVE)

Filtered by vendor Egavilanmedia Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-44096	1 Egavilanmedia	1 User Registration And Login System With Admin Panel	2022-06-08	7.5 HIGH	9.8 CRITICAL
EGavilan Media User-Registration-and-Login-System-With-Admin-Panel 1.0 is vulnerable to SQL Injection via profile_action - update_user. This allows a remote attacker to compromise Application SQL database.
CVE-2021-44098	1 Egavilanmedia	1 Expense Management System	2022-06-08	7.5 HIGH	9.8 CRITICAL
EGavilan Media Expense-Management-System 1.0 is vulnerable to SQL Injection via /expense_action.php. This allows a remote attacker to compromise Application SQL database.
CVE-2020-29472	1 Egavilanmedia	1 Under Construction Page With Cpanel	2021-04-22	7.5 HIGH	9.8 CRITICAL
EGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.
CVE-2020-29474	1 Egavilanmedia	1 Egm Address Book	2021-04-22	7.5 HIGH	9.8 CRITICAL
EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution.
CVE-2020-35263	1 Egavilanmedia	1 User Registration And Login System With Admin Panel	2021-02-02	7.5 HIGH	9.8 CRITICAL
EgavilanMedia User Registration & Login System 1.0 is affected by SQL injection to the admin panel, which may allow arbitrary code execution.
CVE-2020-35276	1 Egavilanmedia	1 Ecm Address Book	2020-12-23	7.5 HIGH	9.8 CRITICAL
EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.