RSS   Podatności dla 'Flexicapture'   RSS

2019-02-09
 
CVE-2018-13792

CWE-89
 

 
Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.

 
2018-07-09
 
CVE-2018-13793

CWE-352
 

 
Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.

 
 
CVE-2018-13791

CWE-732
 

 
The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter.

 

 >>> Vendor: Abbyy 2 Produkty
Flexicapture
Finereader


Copyright 2024, cxsecurity.com

 

Back to Top