
110 matches found

OSV
added 2018/04/11 6:29 a.m. | 2 views

CVE-2018-7660

In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via the servlet/Download _docbase or _username parameter...

CVSS 5.4 | AI score 5.8 | EPSS 0.00545
Exploits 1 | References 1

Prion
added 2018/04/11 6:29 a.m. | 17 views

Cross site scripting

In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via a filename of an uploaded image file...

CVSS 3.5 | AI score 5.2 | EPSS 0.00545
Exploits 1 | References 1 | Affected Software 1

CVE
added 2018/04/11 6:0 a.m. | 43 views

CVE-2018-7660

Affected product : OpenText Documentum D2 Webtop v4.6.0030 build 059. Vulnerability : Reflected Cross-Site Scripting (XSS) via the servlet/Download _docbase or _username parameter. Root cause / impact : XSS could allow an attacker to potentially compromise the affected system; exploitation detail...

CVSS 5.4 | AI score 5.3 | EPSS 0.00545
Exploits 1 | References 1 | Affected Software 1

CVE
added 2018/04/11 6:0 a.m. | 48 views

CVE-2018-7659

OpenText Documentum D2 Webtop 4.6.0030 build 059 is affected by a Stored Cross-Site Scripting vulnerability exploitable via the filename of an uploaded image file. The connected CNVD/NVD entries confirm the vulnerability as Stored XSS in Webtop, but the provided documents do not specify a confirm...

CVSS 5.4 | AI score 5.1 | EPSS 0.00545
Exploits 1 | References 1 | Affected Software 1

BDU FSTEC
added 2017/10/17 12:0 a.m. | 5 views

The vulnerability in the web interface that provides access to the OpenText Documentum Webtop repository is related to incorrect restrictions on XML links to external objects. This allows attackers to read arbitrary files or cause service failures.

The vulnerability in the web interface that provides access to the OpenText Documentum Webtop repository is related to an improper limitation on XML references to external objects (XML External Entity, XXE). Exploiting this vulnerability could allow a malicious actor to read arbitrary files remotel...

CVSS 5.5 | AI score 7.8 | EPSS 0.01376
Exploits 3 | References 3 | Affected Software 1

Openbugbounty
added 2017/10/05 1:44 p.m. | 11 views

webtop.com.br Open Redirect vulnerability

Vulnerable URL: http://www.webtop.com.br/linkvisita.php?id=93306=data%3Atext%2Fhtml%3Bbase64%2CPHNjcmlwdD5hbGVydCgvT1BFTkJVR0JPVU5UWS8pPC9zY3JpcHQ%2B Details: Description| Value ---|--- Patched:| No Latest check for patch:| 04.01.2018 Vulnerability type:| Open Redirect Vulnerability status:|...

AI score 6.9
Exploits 0

NVD
added 2017/09/28 1:29 a.m. | 20 views

CVE-2017-14527

Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a (1) crafted DTD,...

CVSS 8.8 | AI score 8.5 | EPSS 0.01376
Exploits 3 | References 2

OSV
added 2017/09/28 1:29 a.m. | 3 views

CVE-2017-14527

Multiple XML external entity (XXE) vulnerabilities in the OpenText Documentum Webtop 6.8.0160.0073 allow remote authenticated users to list the contents of arbitrary directories, read arbitrary files, cause a denial of service, or, on Windows, obtain Documentum user hashes via a (1) crafted DTD,...

CVSS 8.8 | AI score 5.9 | EPSS 0.01376
Exploits 3 | References 2

NVD
added 2017/09/28 1:29 a.m. | 24 views

CVE-2017-14525

Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by...

CVSS 6.1 | AI score 6.4 | EPSS 0.00825
Exploits 2 | References 2

OSV
added 2017/09/28 1:29 a.m. | 4 views

CVE-2017-14525

Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by...

CVSS 6.1 | AI score 5.9 | EPSS 0.00825
Exploits 2 | References 2

Prion
added 2017/09/28 1:29 a.m. | 20 views

Open redirect

Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by...

CVSS 5.8 | AI score 6.4 | EPSS 0.00825
Exploits 2 | References 2 | Affected Software 2

Cvelist
added 2017/09/27 5:0 p.m. | 26 views

CVE-2017-14525

Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by...

AI score 6.4 | EPSS 0.00825
Exploits 2 | References 2

CVE
added 2017/09/27 5:0 p.m. | 66 views

CVE-2017-14527

CVE-2017-14527 affects OpenText Documentum Webtop 6.8.0160.0073. The vulnerability is an XML External Entity (XXE) injection in Webtop, triggered by crafted XML—specifically in a DTD within a request to xda/com/documentum/ucf/server/transport/impl/GAIRConnector or via a crafted XML file in a Medi...

CVSS 8.8 | AI score 8.3 | EPSS 0.01376
Exploits 3 | References 2 | Affected Software 2

CVE
added 2017/09/27 5:0 p.m. | 61 views

CVE-2017-14525

CVE-2017-14525 concerns OpenText Documentum Webtop 6.8.0160.0073 with open redirect vulnerabilities. The issue allows remote attackers to redirect users to arbitrary sites via (1) the startat parameter in xda/help/en/default.htm or (2) a slash-encoded sequence followed by a domain in the redirect...

CVSS 6.1 | AI score 6.3 | EPSS 0.00825
Exploits 2 | References 2 | Affected Software 2

Packet Storm
added 2017/09/27 12:0 a.m. | 74 views

OpenText Documentum Administrator / Webtop Open Redirection

Title: OpenText Documentum Administrator and Webtop - Open Redirection Author: Jakub Palaczynski Date: 24. September 2017 CVE Administrator: CVE-2017-14524 CVE Webtop: CVE-2017-14525 Affected software: ================== Documentum Administrator Documentum Webtop Exploit was tested on:...

AI score 6.3 | EPSS 0.0294
Exploits 2

CNVD
added 2017/09/27 12:0 a.m. | 6 views

OpenText Documentum Webtop XML External Entity Injection Vulnerability

OpenText Documentum Webtop is a suite of products from OpenText Canada that allow users to access Documentum repositories and content management services in standard browser applications. An XML external entity injection vulnerability exists in OpenText Documentum Webtop version 6.8.0160.0073. A...

CVSS 8.8 | AI score 7.5 | EPSS 0.01376
Exploits 3 | References 1

0day.today
added 2017/09/27 12:0 a.m. | 103 views

OpenText Documentum Administrator / Webtop XXE Injection Vulnerability

OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from XML external entity injection vulnerabilities. Title: OpenText Documentum Administrator and Webtop - XML External Entity Injection Author: Jakub Palaczynski, Pawel Gocyla Date: 24...

CVSS 6.5 | AI score 9 | EPSS 0.01376
Exploits 3

0day.today
added 2017/09/27 12:0 a.m. | 58 views

OpenText Documentum Administrator / Webtop Open Redirection Vulnerability

OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from an open redirection vulnerability. Title: OpenText Documentum Administrator and Webtop - Open Redirection Author: Jakub Palaczynski Date: 24. September 2017 CVE Administrator:...

CVSS 5.8 | AI score 6.3 | EPSS 0.0294
Exploits 2

OSV
added 2017/01/23 7:59 a.m. | 4 views

CVE-2016-8213

EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and...

CVSS 6.1 | AI score 5.8 | EPSS 0.00961
Exploits 0 | References 3

Cvelist
added 2017/01/23 6:49 a.m. | 21 views

CVE-2016-8213

EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and...

AI score 5.9 | EPSS 0.00961
Exploits 0 | References 3