Known Vulnerabilities for products from Avantfax
Listed below are 5 of the newest known vulnerabilities associated with the vendor "Avantfax".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-1782 json | Not Provided | 2025-04-14 | 2026-05-26 | |
| CVE-2023-23328 json | A File Upload vulnerability exists in AvantFAX 3.3.7. An authenticated user can bypass PHP file type validation in FileUpload... | 8.8 - HIGH | 2023-03-10 | 2023-03-16 |
| CVE-2023-23327 json | An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Backups of the AvantFAX sent/received faxes, and database b... | 4.9 - MEDIUM | 2023-03-10 | 2023-03-16 |
| CVE-2023-23326 json | A Stored Cross-Site Scripting (XSS) vulnerability exists in AvantFAX 3.3.7. An authenticated low privilege user can inject ar... | 5.4 - MEDIUM | 2023-03-10 | 2023-03-16 |
| CVE-2020-11766 json | sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web Interface before 0.2.5 allows authenticated Command Inje... | 8.8 - HIGH | 2020-05-19 | 2021-07-21 |
| CVE-2017-18024 json | AvantFAX 3.3.3 has XSS via an arbitrary parameter name to the default URI, as demonstrated by a parameter whose name contains... | 6.1 - MEDIUM | 2018-01-10 | 2018-02-01 |
Known software with vulnerabilities from Avantfax
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Avantfax | Avantfax | 3.3.0 |