Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
EIC e-document system - SQL Injection
Vulnerability Description
The users’ data querying function of EIC e-document system does not filter the special characters which resulted in remote attackers can inject SQL syntax and execute arbitrary commands without privilege.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Excellent Infotek Corporation EIC e-document system SQL注入漏洞
Vulnerability Description
Excellent Infotek Corporation EIC e-document system是中国杰印资讯公司(Excellent Infotek Corporation)公司的一个应用系统。提供精确、简单、标准的XML公文表单,简化原本繁复的公文的撰写、传送流程。 EIC e-document system 存在SQL注入漏洞,该漏洞源于查询功能不过滤特殊字符,导致远程攻击者可利用该漏洞可以注入SQL语法,任意执行命令。
CVSS Information
N/A
Vulnerability Type
N/A