Filtered by vendor Evolucare Subscriptions
Filtered by product Ecs Imaging Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-26913 1 Evolucare 1 Ecs Imaging 2024-11-21 6.1 Medium
EVOLUCARE ECSIMAGING (aka ECS Imaging) < 6.21.5 is vulnerable to Cross Site Scripting (XSS) via new_movie. php.
CVE-2021-3029 1 Evolucare 1 Ecs Imaging 2024-11-21 9.8 Critical
EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS Command Injection vulnerability via shell metacharacters and an IFS manipulation. The parameter "file" on the webpage /showfile.php can be exploited to gain root access. NOTE: This vulnerability only affects products that are no longer supported by the maintainer