CVE-2018-17562

Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt