Skip to main content

E Document System

3 CVEs product

Monthly

CVE-2021-34683 MEDIUM This Month

An issue was discovered in EXCELLENT INFOTEK CORPORATION (EIC) E-document System 3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure E Document System
NVD GitHub
CVSS 3.1
5.3
EPSS
1.1%
CVE-2021-22860 CRITICAL Act Now

EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass E Document System
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-22859 CRITICAL Act Now

The users’ data querying function of EIC e-document system does not filter the special characters which resulted in remote attackers can inject SQL syntax and execute arbitrary commands without. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi E Document System
NVD GitHub
CVSS 3.1
9.8
EPSS
3.8%
EPSS 1% CVSS 5.3
MEDIUM This Month

An issue was discovered in EXCELLENT INFOTEK CORPORATION (EIC) E-document System 3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure E Document System
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL Act Now

EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass E Document System
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL Act Now

The users’ data querying function of EIC e-document system does not filter the special characters which resulted in remote attackers can inject SQL syntax and execute arbitrary commands without. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi E Document System
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy