COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2020-35276

CVE-2020-35276

Severity
critical
Source
NVD · cve
Published
2020-12-21
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2020-35276
shame 35/100

EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.

Players implicated

egavilanmedia · vendorecm address book · product

Description

EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.

Sentiment · trusted sources

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.