Web Dictate Admin Null Password Vulnerability

[revnic@xxxxxxxxx]

Web Dictate Admin Null Password Vulnerability

Software: Web Dictate
Version: 1.02
Website: http://nchsoftware.com/

Description:
Web Dictate is a dictation system that lets you record, edit and manage dictation over the internet. You, and other users, log into a server running Web Dictate to record dictation with any ordinary web browser.

Vulnerability:
After assigning a password for the Admin account, it is possible to login as Admin with a null password.

Credit:
Discovered by Revnic Vasile