An issue was discovered in EXCELLENT INFOTEK CORPORATION (EIC) E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/get_user_email_info_bbs.asp to obtain the contact information (name and e-mail address) of everyone in the entire organization. This information can allow remote attackers to perform social engineering or brute force attacks against the system login page.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-06-16T11:58:38

Updated: 2024-08-04T00:19:47.910Z

Reserved: 2021-06-14T00:00:00

Link: CVE-2021-34683

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-06-16T12:15:12.793

Modified: 2024-11-21T06:10:56.543

Link: CVE-2021-34683

cve-icon Redhat

No data.