← Back

Espcms P8

espcms-p8

Vendor: Ecisp • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-33085
1Ecisp
1Espcms P8
Nov 21, 2024
Jun 30, 2022
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
ESPCMS P8 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the fetch_filename function at \espcms_public\espcms_templates\ESPCMS_Templates.
CVE-2020-18913
1Ecisp
1Espcms P8
Nov 21, 2024
Aug 24, 2021
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcms_web/Search.php component via the attr_array parameter. This vulnerability allows attackers to access sensitive database information...Show more
EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcms_web/Search.php component via the attr_array parameter. This vulnerability allows attackers to access sensitive database information.Show less