Lucene search
K

110 matches found

Cvelist
Cvelist
added 2015/07/04 2:0 p.m.22 views

CVE-2015-0551

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before...

5.5AI score0.01075EPSS
Exploits0References2
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.33 views

ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities

ESA-2014-059.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities EMC Identifier: ESA-2014-059 CVE Identifier: CVE-2014-2511 Severity Rating: CVSS v2 Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Affected products: • EMC WebTop...

4.3CVSS0.2AI score0.01792EPSS
Exploits0
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.37 views

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities

ESA-2014-073.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities EMC Identifier: ESA-2014-073 CVE Identifier: CVE-2014-2518 Severity Rating: CVSS v2 Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Affected products: • EMC...

6.8CVSS0.4AI score0.00984EPSS
Exploits0
NVD
NVD
added 2014/08/20 11:17 a.m.29 views

CVE-2014-2511

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the 1 startat or 2 entryId parameter...

4.3CVSS5.8AI score0.01792EPSS
Exploits0References5
Prion
Prion
added 2014/08/20 11:17 a.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the 1 startat or 2 entryId parameter...

4.3CVSS6.1AI score0.01792EPSS
Exploits0References5Affected Software8
CVE
CVE
added 2014/08/20 10:0 a.m.46 views

CVE-2014-2511

CVE-2014-2511 maps to EMC Documentum WebTop multiple XSS vulnerabilities exploitable via startat and entryId parameters. The ESA-2014-059 advisory confirms the issue affects EMC WebTop 6.7 SP1, 6.7 SP2 (and other Documentum/WebTop family products) with fixes in specific patches/versions (e.g., We...

4.3CVSS5.9AI score0.01792EPSS
Exploits0References5Affected Software8
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Caldera UnixWare 7.1.1 WebTop SCOAdminReg.CGI Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3936/info UnixWare is a commercial Unix implementation distributed originally developed by SCO. It is now maintained and distributed by Caldera. The scoadminreg.cgi program does not properly validate user input when...

7.1AI score
Exploits0
CVE
CVE
added 2013/11/06 11:0 a.m.59 views

CVE-2013-3281

The CVE-2013-3281 entry describes a cross-site scripting (XSS) vulnerability in EMC Documentum products (Webtop, WDK, Taskspace, Records Manager, Web Publisher, Digital Asset Manager, Administrator, Capital Projects) prior to the stated SP versions. The flaw allows remote attackers to inject arbi...

4.3CVSS5.8AI score0.01001EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2013/05/10 11:42 a.m.30 views

CVE-2013-0939

EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting"...

5.8CVSS6.1AI score0.01057EPSS
Exploits0References1
NVD
NVD
added 2013/05/10 11:42 a.m.15 views

CVE-2013-0937

Session fixation vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to hijack web sessions via unspecified vectors...

5.8CVSS6.7AI score0.0109EPSS
Exploits0References1
Prion
Prion
added 2013/05/10 11:42 a.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.00942EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2013/05/10 11:42 a.m.19 views

Cross site scripting

EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting"...

5.8CVSS6.7AI score0.01057EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2013/05/10 11:42 a.m.19 views

Session fixation

Session fixation vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to hijack web sessions via unspecified vectors...

5.8CVSS7.2AI score0.0109EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2013/05/10 10:0 a.m.23 views

CVE-2013-0938

Cross-site scripting XSS vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.00942EPSS
Exploits0References1
CVE
CVE
added 2013/05/10 10:0 a.m.57 views

CVE-2013-0938

CVE-2013-0938 describes a cross-site scripting (XSS) vulnerability in EMC Documentum products prior to 6.7 SP2. Affected components include Webtop, WDK, Taskspace, and Records Manager before 6.7 SP2. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors,...

4.3CVSS5.8AI score0.00942EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2013/05/10 10:0 a.m.27 views

CVE-2013-0939

EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allow remote attackers to obtain sensitive information via vectors involving cross-origin frame navigation, related to a "Cross Frame Scripting"...

6.1AI score0.01057EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/05/10 10:0 a.m.23 views

CVE-2013-0937

Session fixation vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7 SP2, and Documentum Records Manager before 6.7 SP2 allows remote attackers to hijack web sessions via unspecified vectors...

6.7AI score0.0109EPSS
Exploits0References1
CVE
CVE
added 2013/05/10 10:0 a.m.58 views

CVE-2013-0937

CVE-2013-0937 is a session-fixation vulnerability affecting EMC Documentum Webtop, WDK, Taskspace, and Records Manager up to version 6.7 SP2. The entry describes that remote attackers could hijack an authenticated session via unspecified vectors. Affected components include Webtop, WDK, Taskspace...

5.8CVSS6.8AI score0.0109EPSS
Exploits0References1Affected Software4
securityvulns
securityvulns
added 2013/05/10 12:0 a.m.62 views

ESA-2013-021: EMC Documentum Multiple Vulnerabilities

ESA-2013-021.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-021: EMC Documentum Multiple Vulnerabilities EMC Identifier: ESA-2013-021 CVE Identifier: CVE-2013-0937, CVE-2013-0938, CVE-2013-0939 Severity Rating: See below for individual scores Affected products: • EMC Documentum Webtop...

5.8CVSS0.2AI score0.0109EPSS
Exploits0
Prion
Prion
added 2008/09/27 10:30 a.m.16 views

Design/Logic Flaw

IBM Tivoli Netcool/Webtop 2.1 before 2.1.0.5 preserves cached user privileges after logout, which allows physically proximate attackers to hijack a session by visiting an unattended workstation, as demonstrated by a root session that is still valid after a subsequent read-only session has begun...

7.2CVSS6.6AI score0.00395EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder