CVE-2014-4305

2022-10-0316:20:46

mitre

www.cve.org

sql injection

nice recording express

remote attack

8.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

49.0%

JSON

Multiple SQL injection vulnerabilities in NICE Recording eXpress (aka Cybertech eXpress) 6.5.7 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

References

packetstormsecurity.com/files/126858/NICE-Recording-eXpress-6.x-Root-Backdoor-XSS-Bypass.html

www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140528-0_NICE_Recording_eXpress_Multiple_critical_vulnerabilities_v10.txt