Evolucare Ecs Imaging vulnerabilities
2 known vulnerabilities affecting evolucare/ecs_imaging.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-3029P2CRITICALCVSS 9.8≤ 6.21.52021-01-07
CVE-2021-3029 [CRITICAL] CWE-78 CVE-2021-3029: EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS Command Injection vulnerability via
EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. The parameter "file" on the webpage /showfile.php can be exploited to gain root access. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
nvd
CVE-2023-26913P4MEDIUMCVSS 6.1v6.21.52023-03-22
CVE-2023-26913 [MEDIUM] CWE-79 CVE-2023-26913: EVOLUCARE ECSIMAGING (aka ECS Imaging) < 6.21.5 is vulnerable to Cross Site Scripting (XSS) via new_
EVOLUCARE ECSIMAGING (aka ECS Imaging) < 6.21.5 is vulnerable to Cross Site Scripting (XSS) via new_movie. php.
nvd