EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user.Referenceshttp://ecm.comhttps://hardik-solanki.medium.com/authentication-admin-panel-bypass-which-leads-to-full-admin-access-control-c10ec4ab4255