VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection through the "api.php" file and "user"...
9.8CVSS
9.8AI Score
0.001EPSS
The config restore function of Voipmonitor GUI before v24.96 does not properly check files sent as restore archives, allowing remote attackers to execute arbitrary commands via a crafted file in the web...
8.8CVSS
9.2AI Score
0.003EPSS
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator...
An incorrect check in the component cdr.php of Voipmonitor GUI before v24.96 allows unauthenticated attackers to escalate privileges via a crafted...
9.8CVSS
9.4AI Score
0.002EPSS
A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into...
9.8CVSS
9.7AI Score
0.955EPSS