42 matches found
CVE-2019-16307
A Reflected Cross-Site Scripting XSS vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter webExMeetingLogin.jsp and meetingKey...
EUVD-2014-3157
Malware in sbrugna...
EUVD-2008-5202
Malware in sbrugna...
EUVD-2019-7098
Malware in sbrugna...
Xerox DocuShare Detection (HTTP)
HTTP based detection of Xerox DocuShare. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute...
Xerox DocuShare Bugs Allow Data Leaks
Xerox issued a fix for two vulnerabilities impacting its market-leading DocuShare enterprise document management platform. The bugs, if exploited, could expose DocuShare users to an attack resulting in the loss of sensitive data. On Wednesday, the Cybersecurity and Infrastructure Security Agency...
Xerox Releases Security Updates for DocuShare
Xerox has released security updates for DocuShare 6.6.1, 7.0, and 7.5 to address a vulnerability that could allow an unauthenticated attacker to obtain sensitive information. The Cybersecurity and Infrastructure Security Agency CISA urges users and administrators review Xerox Mini Bulletin XRX20W...
CVE-2019-16307
A Reflected Cross-Site Scripting XSS vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter webExMeetingLogin.jsp and meetingKey...
CVE-2019-16307
A Reflected Cross-Site Scripting XSS vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter webExMeetingLogin.jsp and meetingKey...
Cross site scripting
A Reflected Cross-Site Scripting XSS vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter webExMeetingLogin.jsp and meetingKey...
CVE-2019-16307
A Reflected Cross-Site Scripting XSS vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 allows remote attackers to inject arbitrary web script or HTML via the handle parameter webExMeetingLogin.jsp and meetingKey...
CVE-2019-16307
A Reflected XSS in the Fuji Xerox DocuShare webEx module up to version 7.0.0.C1.609 affects the webExMeetingLogin.jsp (handle parameter) and deleteWebExMeetingCheck.jsp (meetingKey parameter). The vulnerability allows remote attackers to inject arbitrary scripts/HTML via these inputs. The connect...
Xerox DocuShare Command Execution Vulnerability
Xerox DocuShare is a Web-based document content management solution from Xerox. The solution supports storage of any type of document, image or video, business process automation, document content sharing and collaboration. A command execution vulnerability exists in Xerox DocuShare. An attacker...
Xerox DocuShare Stack Buffer Overflow Vulnerability
Xerox DocuShare is a Web-based document content management solution from Xerox. The solution supports the storage of any type of document, image or video, business process automation, document content sharing and collaboration, and more. A stack buffer overflow vulnerability exists in Xerox...
Xerox DocuShare 6 - docushare/dsweb/ServicesLib/Group URI XSS
No description provided by source. source: http://www.securityfocus.com/bid/29430/info Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Xerox DocuShare - SQL Injection
No description provided by source. The following request is vulnerable to a SQL injection in the last URI segment: GET /docushare/dsweb/ResultBackgroundJobMultiple/1 HTTP/1.1 Host: 172.31.16.194:8080 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:26.0 Gecko/20100101 Firefox/26.0 Accept:...
Xerox DocuShare 6 - dsdn/dsweb/SearchResults URI XSS
No description provided by source. source: http://www.securityfocus.com/bid/29430/info Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Xerox DocuShare 6 - dsdn/dsweb/Services/User URI XSS
No description provided by source. source: http://www.securityfocus.com/bid/29430/info Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
Xerox DocuShare ResultBackgroundJobMultiple SQL Injection
An SQL injection vulnerability has been reported in Xerox DocuShare. The vulnerability is due to insufficient validation of requests sent to ResultBackgroundJobMultiple. A remote attacker can exploit this vulnerability by sending a specially crafted request to the target service. This can result ...
CVE-2014-3138
SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary SQL commands via the PATHINFO to /docushare/dsweb/ResultBackgroundJobMultiple/. NOTE: some of the...