Lucene search
China National Vulnerability DatabaseCNVD-2021-66055HistoryAug 24, 2021 - 12:00 a.m.
Nuance Winscribe Dictation SQL Injection Vulnerability
2021-08-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
nuance
winscribe
sql injection
vulnerability
automated workflow
login form
exporter
unauthenticated attacker
database access
EPSS
0.002
Percentile
64.7%
Nuance Winscribe Dictation is an automated workflow solution from Nuance. Create and share high-quality documents and simplify complex workflows in a more efficient and flexible way. Nuance Winscribe Dictation 4.1.0.99 is vulnerable to SQL injection. The vulnerability stems from the fact that the login form of exporter/Login.aspx in the software Exporter is not validated and can be exploited by a remote, unauthenticated attacker to read the database via the txtPassword parameter .
Related
nvd
nvd
CVE-2021-37599
2021-08-12 21:15:07
cvelist
cvelist
CVE-2021-37599
2021-08-12 20:40:53
checkpoint_advisories
checkpoint_advisories
Nuance Winscribe Dictation SQL Injection (CVE-2021-37599)
2021-09-29 00:00:00
prion
prion
Sql injection
2021-08-12 21:15:00
cve
cve
CVE-2021-37599
2021-08-12 21:15:07