earclink

5 exploits Active since Nov 2022
CVE-2023-23007 GITEE HIGH php
Ecisp Espcms - SQL Injection
An issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are added.
11 stars
CVSS 7.2
CVE-2023-0246 GITEE LOW php
earclink ESPCMS P8.21120101 - XSS
A vulnerability, which was classified as problematic, was found in earclink ESPCMS P8.21120101. Affected is an unknown function of the component Content Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-218154 is the identifier assigned to this vulnerability.
11 stars
CVSS 3.5
CVE-2022-44089 GITEE CRITICAL php
ESPCMS P8.21120101 - RCE
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component IS_GETCACHE.
11 stars
CVSS 9.8
CVE-2022-44088 GITEE CRITICAL php
ESPCMS <P8.21120101 - RCE
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component INPUT_ISDESCRIPTION.
11 stars
CVSS 9.8
CVE-2022-44087 GITEE CRITICAL php
ESPCMS <P8.21120101 - RCE
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component UPFILE_PIC_ZOOM_HIGHT.
11 stars
CVSS 9.8