CVE-2021-27234

Name of the Vulnerable Software and Affected Versions: Mutare Voice (EVM) versions 3.x before 3.3.8

Description: The web application of Mutare Voice (EVM) suffers from SQL injection on several pages, including "Adminlog.asp", "Archivemsgs.asp", "Deletelog.asp", "Eventlog.asp", and "Evmlog.asp".

Recommendations: For versions prior to 3.3.8, update to version 3.3.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected pages until a patch is applied. Avoid using user-input data directly in SQL queries for the affected pages until the issue is resolved.