Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): FaxFinder
- Search Type: Search All
- Match: Exact
- CPE Name Search: false
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-17562 |
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points. Published: October 03, 2018; 4:29:16 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2016-10512 |
MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. These credentials are retrieved by the system when the LDAP configuration page is opened and are embedded directly into the HTML source code in cleartext. Published: September 29, 2017; 9:29:00 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |