Abbyy : Security Vulnerabilities, CVEs, CVSS score >= 9
The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter.
Max CVSS
9.8
EPSS Score
0.26%
Published
2018-07-09
Updated
2019-10-03
Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.
Max CVSS
9.8
EPSS Score
0.14%
Published
2019-02-10
Updated
2020-09-10
2 vulnerabilities found