2 matches found
CVE-2018-17562
Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/calldetails?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points...
CVE-2018-17562
CVE-2018-17562 affects Multi-Tech FaxFinder prior to 5.1.6. The flaw is a SQL Injection through a URI endpoint (status/call_details?oid=), enabling an attacker to extract the underlying database schema and reveal other fax server information via additional injection points. Documented CVSS detail...