Vulnerabilities > Emuse Eservices Envoice Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-29 | CVE-2021-36722 | SQL Injection vulnerability in Emuse - Eservices / Envoice Project Emuse - Eservices / Envoice Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. | 9.8 |
| 2021-12-29 | CVE-2021-36723 | Information Exposure vulnerability in Emuse - Eservices / Envoice Project Emuse - Eservices / Envoice Emuse - eServices / eNvoice Exposure Of Private Personal Information due to lack of identification mechanisms and predictable IDs an attacker can scrape all the files on the service. | 7.5 |