1938 matches found
OpenText Documentum Remote Code Execution Vulnerability
OpenText Documentum Content Server formerly known as EMC Documentum Content Server is a content management service system from OpenText Canada. The system is mainly used to manage the Documentum content repository, you can create, modify and track documents and other operations. A remote code...
Sql injection
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dmbptransition docbase method with a user-created dmprocedure object,...
CVE-2017-7221
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dmbptransition docbase method with a user-created dmprocedure object,...
CVE-2017-7221
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dmbptransition docbase method with a user-created dmprocedure object,...
CVE-2017-7221
Summary (CVE-2017-7221) OpenText Documentum Content Server is susceptible to ARBITRARY CODE EXECUTION via the dm_bp_transition docbase method when a user-created dm_procedure object is present. The vulnerability enables remote authenticated users to run code with super-user privileges , demonstra...
OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution
Exploit for multiple platform in category web applications ''' CVE Identifier: CVE-2017-7221 Vendor: OpenText Affected products: OpenText Documentum Content Server all versions Researcher: Andrey B. Panfilov Severity Rating: CVSS v3 Base Score: 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Fix: not...
OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution
''' CVE Identifier: CVE-2017-7221 Vendor: OpenText Affected products: OpenText Documentum Content Server all versions Researcher: Andrey B. Panfilov Severity Rating: CVSS v3 Base Score: 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Fix: not available PoC:...
OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution
OpenText Documentum Content Server - dmbptransition.ebs docbase Method Arbitrary Code Execution ''' CVE Identifier: CVE-2017-7221 Vendor: OpenText Affected products: OpenText Documentum Content Server all versions Researcher: Andrey B. Panfilov Severity Rating: CVSS v3 Base Score: 8.8...
OpenText Documentum Content Server SQL Injection
!/usr/bin/env python import socket import sys from os.path import basename from dctmpy.docbaseclient import DocbaseClient from dctmpy.obj.typedobject import TypedObject CIPHERS = "ALL:aNULL:!eNULL" def usage: print "usage:\n\t%s host port user password" % basenamesys.argv0 def main: if lensys.arg...
CVE-2017-7220
OpenText Documentum Content Server allows superuser access via sysobjsave or save of a crafted object, followed by an unauthorized "UPDATE dmdbo.dmusers SET userprivileges=16" command, aka an "RPC save-commands" attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-453...
Design/Logic Flaw
OpenText Documentum Content Server allows superuser access via sysobjsave or save of a crafted object, followed by an unauthorized "UPDATE dmdbo.dmusers SET userprivileges=16" command, aka an "RPC save-commands" attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-453...
CVE-2017-7220
OpenText Documentum Content Server allows superuser access via sysobjsave or save of a crafted object, followed by an unauthorized "UPDATE dmdbo.dmusers SET userprivileges=16" command, aka an "RPC save-commands" attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-453...
CVE-2017-7220
OpenText Documentum Content Server has a vulnerability where an attacker can gain superuser access by saving a crafted object via sys_obj_save (or saving an object) and issuing an unauthorized UPDATE dm_dbo.dm_user_s SET user_privileges=16, i.e., the so‑called RPC save-commands attack. This CVE (...
OpenText Documentum Content Server Privilege Evaluation
CVE-2017-7220-01.py: !/usr/bin/env python import socket import sys from os.path import basename from dctmpy.docbaseclient import DocbaseClient from dctmpy.obj.typedobject import TypedObject CIPHERS = "ALL:aNULL:!eNULL" def usage: print "usage:\n\t%s host port user password" % basenamesys.argv0 de...
Design/Logic Flaw
OpenText Documentum Content Server formerly EMC Documentum Content Server 7.3, when PostgreSQL Database is used and returntopresultsrowbased config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and execute arbitrary...
CVE-2017-5585
OpenText Documentum Content Server formerly EMC Documentum Content Server 7.3, when PostgreSQL Database is used and returntopresultsrowbased config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and execute arbitrary...
Design/Logic Flaw
OpenText Documentum D2 formerly EMC Documentum D2 4.x allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell bsh and Apache Commons Collections ACC libraries...
CVE-2017-5586
OpenText Documentum D2 formerly EMC Documentum D2 4.x allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the BeanShell bsh and Apache Commons Collections ACC libraries...
CVE-2017-5585
OpenText Documentum Content Server formerly EMC Documentum Content Server 7.3, when PostgreSQL Database is used and returntopresultsrowbased config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and execute arbitrary...
CVE-2017-5585
OpenText Documentum Content Server formerly EMC Documentum Content Server 7.3, when PostgreSQL Database is used and returntopresultsrowbased config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and execute arbitrary...