Voice

voice

Vendor: Mutare • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-27236 1Mutare 1Voice Nov 21, 2024 Feb 16, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution.
CVE-2021-27235 1Mutare 1Voice Nov 21, 2024 Feb 16, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, there is a functionality at diagzip.asp that allows anyone to export tables of a database.
CVE-2021-27234 1Mutare 1Voice Nov 21, 2024 Feb 16, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp.
CVE-2021-27233 1Mutare 1Voice Nov 21, 2024 Feb 16, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this iss...Show more An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue.Show less