Skip to main content

Avantfax

4 CVEs product

Monthly

CVE-2023-23328 HIGH POC This Week

A File Upload vulnerability exists in AvantFAX 3.3.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Avantfax
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-23327 MEDIUM POC This Month

An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Avantfax
NVD GitHub VulDB
CVSS 3.1
4.9
EPSS
0.8%
CVE-2023-23326 MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability exists in AvantFAX 3.3.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Avantfax
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-11766 HIGH This Week

sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web Interface before 0.2.5 allows authenticated Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP Hylafax Avantfax
NVD
CVSS 3.1
8.8
EPSS
1.8%
EPSS 1% CVSS 8.8
HIGH POC This Week

A File Upload vulnerability exists in AvantFAX 3.3.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Avantfax
NVD GitHub VulDB
EPSS 1% CVSS 4.9
MEDIUM POC This Month

An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Avantfax
NVD GitHub VulDB
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A Stored Cross-Site Scripting (XSS) vulnerability exists in AvantFAX 3.3.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Avantfax
NVD GitHub VulDB
EPSS 2% CVSS 8.8
HIGH This Week

sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web Interface before 0.2.5 allows authenticated Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection PHP Hylafax +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy