Vulnerabilities (CVE)

Filtered by vendor Abbyy Subscribe
Filtered by product Flexicapture
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-13793 1 Abbyy 1 Flexicapture 2024-11-21 6.8 MEDIUM 8.8 HIGH
Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.
CVE-2018-13792 1 Abbyy 1 Flexicapture 2024-11-21 7.5 HIGH 9.8 CRITICAL
Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.
CVE-2018-13791 1 Abbyy 1 Flexicapture 2024-11-21 7.5 HIGH 9.8 CRITICAL
The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter.