Lucene search

Voipmonitor Security Vulnerabilities

cve

CVE-2021-41408

VoIPmonitor WEB GUI up to version 24.61 is affected by SQL injection through the "api.php" file and "user"...

9.8CVSS

9.8AI Score

0.001EPSS

2022-06-17 01:15 PM

cve

CVE-2022-24262

The config restore function of Voipmonitor GUI before v24.96 does not properly check files sent as restore archives, allowing remote attackers to execute arbitrary commands via a crafted file in the web...

8.8CVSS

9.2AI Score

0.003EPSS

2022-02-04 05:15 PM

cve

CVE-2022-24260

A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate privileges to the Administrator...

9.8CVSS

9.8AI Score

0.253EPSS

2022-02-04 05:15 PM

In Wild

cve

CVE-2022-24259

An incorrect check in the component cdr.php of Voipmonitor GUI before v24.96 allows unauthenticated attackers to escalate privileges via a crafted...

9.8CVSS

9.4AI Score

0.002EPSS

2022-02-04 05:15 PM

cve

CVE-2021-30461

A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into...

9.8CVSS

9.7AI Score

0.955EPSS

2021-05-29 02:15 PM