CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

Prion•added 2018/01/04 5:29 p.m.•17 views

Sql injection

xDashboard in OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 has SQL Injection...

5CVSS7.8AI score0.09496EPSS

Exploits5References3Affected Software1

CNVD•added 2018/01/04 12:0 a.m.•1 views

OpenText Document Sciences xPression xDashboard SQL Injection Vulnerability

OpenText Document Sciences xPression formerly EMC Document Sciences xPression is a suite of document output management and customer communication solutions from OpenText Canada, Inc. The solution integrates an organization's Customer Relationship Management CRM, Enterprise Content Management ECM,...

7.5CVSS7.8AI score0.09496EPSS

Exploits5References1

CNVD•added 2017/10/09 12:0 a.m.•1 views

OpenText Document Sciences xPression SQL Injection Vulnerability

OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a suite of document output management and customer communication solutions from OpenText Canada. A SQL injection vulnerability exists in OpenText Document Sciences xPression version 4.5SP1 Patch 13. A remote...

8.8CVSS8.8AI score0.00329EPSS

Exploits6References1

CNVD•added 2017/10/09 12:0 a.m.•2 views

OpenText Document Sciences xPression XML External Entity Vulnerability

OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a document output management and customer communication solution from OpenText Canada. The solution integrates an organization's Customer Relationship Management CRM, Enterprise Content Management ECM, and...

9.8CVSS9.5AI score0.00464EPSS

Exploits1References1

CNVD•added 2017/10/09 12:0 a.m.•2 views

OpenText Document Sciences xPression SQL Injection Vulnerability (CNVD-2017-33295)

8.8CVSS8.8AI score0.00329EPSS

Exploits6References1

OSV•added 2017/10/03 1:29 a.m.•2 views

CVE-2017-14757

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to SQL Injection: /xDashboard/html/jobhistory/downloadSupportFile.action, parameter: jobRunId. In order for this vulnerability to be exploited, an...

8.8CVSS5.8AI score

Exploits0References3

NVD•added 2017/10/03 1:29 a.m.•13 views

CVE-2017-14754

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Arbitrary File Read: /xAdmin/html/cmdatasourcegroupxsd.jsp, parameter: xsddatasourceschemafile filename. In order for this vulnerability to be...

6.8CVSS6.4AI score0.00373EPSS

Exploits2References2

OSV•added 2017/10/03 1:29 a.m.•1 views

CVE-2017-14755

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Cross-Site Scripting: /xAdmin/html/XPressoDoc, parameter: categoryId...

6.1CVSS5.8AI score

Exploits0References2

NVD•added 2017/10/03 1:29 a.m.•8 views

CVE-2017-14757

8.8CVSS8.8AI score0.00329EPSS

Exploits6References3

OSV•added 2017/10/03 1:29 a.m.•1 views

CVE-2017-14759

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to an XML External Entity vulnerability: /xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/. An unauthenticated user is able to read directory...

9.8CVSS5.8AI score0.00464EPSS

Exploits1References2

Cvelist•added 2017/10/02 5:0 p.m.•14 views

CVE-2017-14756

6.3AI score0.00301EPSS

Exploits3References2

Cvelist•added 2017/10/02 5:0 p.m.•12 views

CVE-2017-14758

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to SQL Injection: /xAdmin/html/cmdoclistviewuc.jsp, parameter: documentId. In order for this vulnerability to be exploited, an attacker must authenticat...

8.8AI score0.00329EPSS

Exploits6References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by