Vulnerabilities (CVE)

Filtered by vendor Mutare Subscribe
Filtered by product Voice
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-27236 1 Mutare 1 Voice 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution.
CVE-2021-27235 1 Mutare 1 Voice 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, there is a functionality at diagzip.asp that allows anyone to export tables of a database.
CVE-2021-27234 1 Mutare 1 Voice 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp.
CVE-2021-27233 1 Mutare 1 Voice 2024-11-21 4.0 MEDIUM 4.9 MEDIUM
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue.