← Back

Faxfinder

faxfinder

Vendor: Multitech • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-17562
1Multitech
1Faxfinder
Nov 21, 2024
Oct 3, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different in...Show more
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points.Show less
CVE-2016-10512
1Multitech
1Faxfinder
May 13, 2026
Sep 30, 2017
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. These credentials are retrieved by the system when the LDAP configuration page is op...Show more
MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. These credentials are retrieved by the system when the LDAP configuration page is opened and are embedded directly into the HTML source code in cleartext.Show less