14 matches found
CVE-2014-4305
Multiple SQL injection vulnerabilities in NICE Recording eXpress aka Cybertech eXpress 6.5.7 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-4308
Multiple cross-site scripting XSS vulnerabilities in NICE Recording eXpress aka Cybertech eXpress before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the 1 USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter to 2...
EUVD-2014-4236
Malware in sbrugna...
EUVD-2014-4233
Malware in sbrugna...
CVE-2014-4308
Multiple cross-site scripting XSS vulnerabilities in NICE Recording eXpress aka Cybertech eXpress before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the 1 USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter to 2...
CVE-2014-4305
Multiple SQL injection vulnerabilities in NICE Recording eXpress aka Cybertech eXpress 6.5.7 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in NICE Recording eXpress aka Cybertech eXpress before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the 1 USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter to 2...
Sql injection
Multiple SQL injection vulnerabilities in NICE Recording eXpress aka Cybertech eXpress 6.5.7 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-4308
Multiple cross-site scripting XSS vulnerabilities in NICE Recording eXpress aka Cybertech eXpress before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the 1 USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter to 2...
CVE-2014-4305
Multiple SQL injection vulnerabilities in NICE Recording eXpress aka Cybertech eXpress 6.5.7 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-4308
NICE Recording eXpress (Cybertech eXpress) is affected prior to version 6.5.5 by multiple XSS vulnerabilities. The issues arise from input in the USRLNM parameter (myaccount/mysettings.edit.validate.asp) and several _ifr/ iframe.picker.* endpoints (statchannels, channelgroups, extensions, license...
CVE-2014-4305
NICE Recording eXpress (aka Cybertech eXpress) 6.5.7 and earlier contains multiple SQL injection vulnerabilities. The issues allow remote attackers to execute arbitrary SQL commands via unspecified vectors. Root cause is SQL injection in the affected application paths; explicit affected component...
SEC Consult SA-20140528-0 :: Root Backdoor & Unauthenticated access to voice recordings in NICE Recording eXpress
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20140528-0 ======================================================================= title: Root Backdoor & Unauthenticated access to voice recordings product: NICE Recording eXpress voice recording soluti...
NICE Recording eXpress multiple security vulnerabilities
Multiple security vulnerability, including privileged backdoor access...