E-Solutions E-Management vulnerabilities
2 known vulnerabilities affecting e-solutions/e-management.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-3022P2CRITICALCVSS 9.3vall versions2025-03-31
CVE-2025-3022 [CRITICAL] CWE-78 CVE-2025-3022: Os command injection vulnerability in e-solutions e-management. This vulnerability allows an attacke
Os command injection vulnerability in e-solutions e-management. This vulnerability allows an attacker to execute arbitrary commands on the server via the ‘client’ parameter in the /data/apache/e-management/api/api3.php endpoint.
nvd
CVE-2025-3021P3HIGHCVSS 8.7vall versions2025-03-31
CVE-2025-3021 [HIGH] CWE-22 CVE-2025-3021: Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker
Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker to access confidential files outside the expected scope via the ‘file’ parameter in the /downloadReport.php endpoint.
nvd