SQL Injection Vulnerability in EgavilanMedia ECM Address Book 1.0

SQL Injection Vulnerability in EgavilanMedia ECM Address Book 1.0

CVE-2020-35276 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.