10 matches found
CVE-2026-23751
Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 other versions may be affected exposes a deprecated .NET Remoting HTTP channel on port 2424 via the Ascent Capture Service that is accessible without authentication and uses a default, publicly known endpoint identifier. An...
EUVD-2026-25228
Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 other versions may be affected exposes a deprecated .NET Remoting HTTP channel on port 2424 via the Ascent Capture Service that is accessible without authentication and uses a default, publicly known endpoint identifier. An...
CVE-2026-23751
Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 other versions may be affected exposes a deprecated .NET Remoting HTTP channel on port 2424 via the Ascent Capture Service that is accessible without authentication and uses a default, publicly known endpoint identifier. An...
CVE-2026-23751 Kofax Capture 6.0.0.0 Unauthenticated File Read/Write & SMB Coercion via .NET Remoting
Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 other versions may be affected exposes a deprecated .NET Remoting HTTP channel on port 2424 via the Ascent Capture Service that is accessible without authentication and uses a default, publicly known endpoint identifier. An...
CVE-2026-23751
CVE-2026-23751 affects Kofax Capture (now Tungsten Capture) 6.0.0.0. It exposes a deprecated .NET Remoting HTTP channel on port 2424 via the Ascent Capture Service, accessible without authentication. An unauthenticated attacker can use .NET Remoting object unmarshalling to instantiate a remote Sy...
CVE-2026-23751 Kofax Capture 6.0.0.0 Unauthenticated File Read/Write & SMB Coercion via .NET Remoting
Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 other versions may be affected exposes a deprecated .NET Remoting HTTP channel on port 2424 via the Ascent Capture Service that is accessible without authentication and uses a default, publicly known endpoint identifier. An...
Kofax Capture 访问控制错误漏洞
Kofax Capture is an application developed by the Kofax company in the United States. It offers advanced pre-built intelligent document processing capabilities. Version Kofax Capture 6.0.0.0 contains a security vulnerability related to access control. This vulnerability stems from the exposure of ...
CVE-2023-5118 Stored cross-site scripting vulnerability in Kofax Capture software
The application is vulnerable to Stored Cross-Site Scripting XSS in the endpoint /sofer/DocumentService.asc/SaveAnnotation, where input data transmitted via the POST method in the parameters author and text are not adequately sanitized and validated. This allows for the injection of malicious...
CVE-2023-5118 Stored cross-site scripting vulnerability in Kofax Capture software
The application is vulnerable to Stored Cross-Site Scripting XSS in the endpoint /sofer/DocumentService.asc/SaveAnnotation, where input data transmitted via the POST method in the parameters author and text are not adequately sanitized and validated. This allows for the injection of malicious...
Kofax Capture Cross-Site Scripting Vulnerability
Kofax Capture is an application from Kofax USA. It provides best-in-class pre-built intelligent document processing capabilities. A cross-site scripting vulnerability exists in Kofax Capture version 11.0.0 and earlier, which stems from the endpoint /sofer/DocumentService.asc/SaveAnnotation being...