Vulnerabilities > EIC > E Document System > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-17 | CVE-2021-22859 | SQL Injection vulnerability in EIC E-Document System 3.0.2 The users’ data querying function of EIC e-document system does not filter the special characters which resulted in remote attackers can inject SQL syntax and execute arbitrary commands without privilege. | 9.8 |
| 2021-03-17 | CVE-2021-22860 | Improper Authentication vulnerability in EIC E-Document System 2.9/3.0.2 EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. | 9.8 |