CVE-2021-30461

A remote code execution issue was discovered in the web UI of VoIPmonitor before 24.61. When the recheck option is used, the user-supplied SPOOLDIR value (which might contain PHP code) is injected into config/configuration.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt