14 matches found
CVE-2016-10512
MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. These credentials are retrieved by the system when the LDAP configuration page is opened and are embedded directly into the HTML source code in cleartext...
EUVD-2016-1694
Malware in sbrugna...
EUVD-2018-9315
Malware in sbrugna...
CVE-2018-17562
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/calldetails?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points...
CVE-2018-17562
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/calldetails?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points...
Sql injection
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/calldetails?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points...
CVE-2018-17562
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/calldetails?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points...
CVE-2018-17562
CVE-2018-17562 affects Multi-Tech FaxFinder prior to 5.1.6. The flaw is a SQL Injection through a URI endpoint (status/call_details?oid=), enabling an attacker to extract the underlying database schema and reveal other fax server information via additional injection points. Documented CVSS detail...
MultiTech FaxFinder Trust Management Vulnerability
MultiTech FaxFinder is a fax server appliance from MultiTech Systems, USA. A security vulnerability exists in versions of MultiTech FaxFinder prior to 4.1.2. A remote attacker can exploit the vulnerability to retrieve certificates...
CVE-2016-10512
MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. These credentials are retrieved by the system when the LDAP configuration page is opened and are embedded directly into the HTML source code in cleartext...
Code injection
MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. These credentials are retrieved by the system when the LDAP configuration page is opened and are embedded directly into the HTML source code in cleartext...
CVE-2016-10512
The CVE affects MultiTech FaxFinder prior to 4.1.2, where passwords used for testing LDAP connectivity are stored unencrypted. The credentials can be retrieved by the system when the LDAP configuration page is opened and are embedded in the HTML source in cleartext, creating high-risk exposure of...
CVE-2016-10512
MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. These credentials are retrieved by the system when the LDAP configuration page is opened and are embedded directly into the HTML source code in cleartext...
Multitech RightFax Faxfinder Credential Disclosure
Credits: Joshua Platz aka Binary1985 + Website: https://github.com/binary1985 + Source: https://raw.githubusercontent.com/binary1985/VulnerabilityDisclosure/master/RightFax%20FaxFinder Vendor: ========================== http://www.multitech.com/ Product: =========== Multitech RightFax Faxfinder...