earclink

5 exploits Active since Nov 2022
CVE-2023-23007 GITEE HIGH php
ESPCMS P8.21120101 - Authenticated SQL Injection in Member Add Function
An issue was discovered in ESPCMS P8.21120101 after logging in to the background, there is a SQL injection vulnerability in the function node where members are added.
11 stars
CVSS 7.2
CVE-2023-0246 GITEE LOW php
espcms P8.21120101 - Cross-Site Scripting in Content Handler
A vulnerability, which was classified as problematic, was found in earclink ESPCMS P8.21120101. Affected is an unknown function of the component Content Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-218154 is the identifier assigned to this vulnerability.
11 stars
CVSS 3.5
CVE-2022-44089 GITEE CRITICAL php
ESPCMS P8.21120101 - Remote Code Execution via IS_GETCACHE Component
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component IS_GETCACHE.
11 stars
CVSS 9.8
CVE-2022-44088 GITEE CRITICAL php
ESPCMS P8.21120101 - Remote Code Execution via INPUT_ISDESCRIPTION Component
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component INPUT_ISDESCRIPTION.
11 stars
CVSS 9.8
CVE-2022-44087 GITEE CRITICAL php
ESPCMS P8.21120101 - Remote Code Execution via UPFILE_PIC_ZOOM_HIGHT Component
ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component UPFILE_PIC_ZOOM_HIGHT.
11 stars
CVSS 9.8