Vulnerabilities > Multitech > Faxfinder
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-03 | CVE-2018-17562 | SQL Injection vulnerability in Multitech Faxfinder Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points. | 7.5 |
| 2017-09-30 | CVE-2016-10512 | Credentials Management vulnerability in Multitech Faxfinder MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. | 9.8 |