← Back

Ecs Imaging

ecs_imaging

Vendor: Evolucare • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-26913
1Evolucare
1Ecs Imaging
Nov 21, 2024
Mar 22, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
EVOLUCARE ECSIMAGING (aka ECS Imaging) < 6.21.5 is vulnerable to Cross Site Scripting (XSS) via new_movie. php.
CVE-2021-3029
1Evolucare
1Ecs Imaging
Nov 21, 2024
Jan 7, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. The parameter "file" on the webpage /showfile.php can be exploited to gain...Show more
EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. The parameter "file" on the webpage /showfile.php can be exploited to gain root access. NOTE: This vulnerability only affects products that are no longer supported by the maintainerShow less