ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows escalation of privileges by local users via manipulations involving files and using symbolic links.
Source: MITRE
Max CVSS
7.8
EPSS Score
0.04%
Published
2020-08-13
Updated
2020-08-19
Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.
Source: MITRE
Max CVSS
8.8
EPSS Score
0.07%
Published
2018-07-09
Updated
2018-09-07
Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.14%
Published
2019-02-10
Updated
2020-09-10
The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter.
Source: MITRE
Max CVSS
9.8
EPSS Score
0.26%
Published
2018-07-09
Updated
2019-10-03
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!