CVE-2019-12946 Elcom CMS before 10.7 has SQL Injection via EventSearchByState.aspx and EventSearchAdv.aspx. Source: NIST CVE-2019-12946 July 19, 2019 by admin Uncategorized