cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-39292,https://securityvulnerability.io/vulnerability/CVE-2023-39292,SQL Injection Vulnerability in MiVoice Office 400 by Mitel,"A SQL Injection vulnerability has been discovered in the MiVoice Office 400 SMB Controller version 1.2.5.23. This vulnerability potentially allows an attacker to manipulate database queries, gaining unauthorized access to sensitive information and executing arbitrary commands within the database environment. Organizations using this product should implement security measures promptly to mitigate any risk associated with this vulnerability.",Mitel,"Mivoice Office 400,Mivoice Office 400 Smb Controller Firmware",9.8,CRITICAL,0.0013699999544769526,false,,false,false,false,,,false,false,,2023-08-14T00:00:00.000Z,0
CVE-2023-39293,https://securityvulnerability.io/vulnerability/CVE-2023-39293,Command Injection Vulnerability in MiVoice Office 400 by Mitel,"A command injection vulnerability has been discovered in the MiVoice Office 400 SMB Controller, which could enable a malicious actor to execute arbitrary commands in the context of the affected system. This flaw allows for potential unauthorized access, leading to significant security risks and exploitation possibilities. Users and administrators are urged to review security advisories to mitigate these risks.",Mitel,"Mivoice Office 400,Mivoice Office 400 Smb Controller Firmware",9.8,CRITICAL,0.0010400000028312206,false,,false,false,false,,,false,false,,2023-08-14T00:00:00.000Z,0
CVE-2018-16226,https://securityvulnerability.io/vulnerability/CVE-2018-16226,,"A vulnerability in the web admin component of Mitel MiVoice Office 400, versions R5.0 HF3 (v8839a1) and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack, due to insufficient validation for the start.asp page. A successful exploit could allow the attacker to execute arbitrary scripts to access sensitive browser-based information.",Mitel,Mivoice Office 400,6.1,MEDIUM,0.0017300000181421638,false,,false,false,false,,,false,false,,2018-10-23T21:00:00.000Z,0