SecBoard
Zurück zur CVE-Übersicht

CVE-2020-35276

CRITICAL(9.8)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Risk Signal Score25/100 — MITTEL
  • CVSS 9.8 — Kritisch

EPSS-Score

2%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

9.8

Technische Schwere

Beschreibung

EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.

Referenzen