Lucene search
K

14 matches found

Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.3 views

PT-2025-44365

Name of the Vulnerable Software and Affected Versions Acquia DAM versions 0.0.0 through 1.1.4 Description A missing authorization issue exists in Drupal Acquia DAM, allowing for forceful browsing. This allows unauthorized access to resources. Recommendations Update Acquia DAM to version 1.1.5 or...

7.5CVSS6.6AI score0.0028EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7743

Malware in sbrugna...

7.3CVSS6.5AI score0.00717EPSS
Exploits0References3
Prion
Prion
added 2019/11/12 8:15 p.m.17 views

Cross site scripting

The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting XSS attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and...

4.3CVSS5.1AI score0.00717EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/11/12 7:15 p.m.23 views

CVE-2019-17332 TIBCO EBX Add-on For Digital Asset Manager Cross-Site Scripting Vulnerabilities

The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting XSS attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and...

7.3CVSS5.2AI score0.00717EPSS
Exploits0References2
CVE
CVE
added 2019/11/12 7:15 p.m.45 views

CVE-2019-17332

The CVE-2019-17332 issue affects TIBCO EBX Add-ons’ Digital Asset Manager Web Interface. Affected releases include EBX Add-ons up to 3.20.13 and 4.1.0, 4.2.0, 4.2.1, and 4.2.2. Description: authenticated users can perform stored cross-site scripting (XSS) attacks due to improper input handling in...

7.3CVSS5.4AI score0.00717EPSS
Exploits0References2Affected Software1
Tibco
Tibco
added 2019/11/08 9:54 p.m.21 views

TIBCO Security Advisory: November 12, 2019 - TIBCO EBX Add-on -2019-17332

TIBCO EBX Add-on For Digital Asset Manager Cross-Site Scripting Vulnerabilities Original release date: November 12,2019 Last revised: CVE-2019-17332 Source: TIBCO Software Inc. TIBCO EBX Add-on For Digital Asset Manager Cross-Site Scripting Vulnerabilities Original release date: November 12, 2019...

4.3CVSS5.8AI score0.00717EPSS
Exploits0Affected Software1
Tibco
Tibco
added 2019/11/08 9:54 p.m.18 views

TIBCO Security Advisory: November 12, 2019 - TIBCO EBX Add-on -2019-17332

TIBCO EBX Add-on For Digital Asset Manager Cross-Site Scripting Vulnerabilities Original release date: November 12,2019 Last revised: CVE-2019-17332 Source: TIBCO Software Inc. TIBCO EBX Add-on For Digital Asset Manager Cross-Site Scripting Vulnerabilities Original release date: November 12, 2019...

7.3CVSS6AI score0.00717EPSS
Exploits0Affected Software1
OSV
OSV
added 2018/02/27 5:29 a.m.5 views

CVE-2018-4875

Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a reflected cross-site scripting vulnerability related to the handling of malicious content embedded in image files uploaded to the DAM...

6.1CVSS5.7AI score0.02892EPSS
Exploits0References3
CNVD
CNVD
added 2015/08/20 12:0 a.m.6 views

Cross-Site Request Forgery Vulnerability in Multiple EMC Documentum Products

EMC Documentum WebTop is a suite of products that allow users to access Documentum repositories and content management services in a standard browser application.Documentum Administrator is a Web-based development tool used to perform Documentum system management tasks. Documentum Administrator i...

6.8CVSS6.7AI score0.00581EPSS
Exploits0References1
securityvulns
securityvulns
added 2014/08/26 12:0 a.m.37 views

ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities

ESA-2014-073.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities EMC Identifier: ESA-2014-073 CVE Identifier: CVE-2014-2518 Severity Rating: CVSS v2 Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Affected products: • EMC...

6.8CVSS0.4AI score0.00984EPSS
Exploits0
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.44 views

ESA-2014-024: EMC Documentum Digital Asset Manager Blind DQL Injection Vulnerability

ESA-2014-024.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-024: EMC Documentum Digital Asset Manager Blind DQL Injection Vulnerability EMC Identifier: ESA-2014-024 CVE Identifier: CVE-2014-2503 Severity Rating: CVSS v2 Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Affected products: • E...

7.5CVSS0.3AI score0.02793EPSS
Exploits0
Prion
Prion
added 2014/06/06 12:55 a.m.16 views

Design/Logic Flaw

The thumbnail proxy server in EMC Documentum Digital Asset Manager DAM 6.5 SP3, 6.5 SP4, 6.5 SP5, and 6.5 SP6 before P13 allows remote attackers to conduct Documentum Query Language DQL injection attacks and bypass intended restrictions on querying objects via a crafted parameter in a query strin...

7.5CVSS7.5AI score0.02793EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/06/06 12:0 a.m.27 views

CVE-2014-2503

The thumbnail proxy server in EMC Documentum Digital Asset Manager DAM 6.5 SP3, 6.5 SP4, 6.5 SP5, and 6.5 SP6 before P13 allows remote attackers to conduct Documentum Query Language DQL injection attacks and bypass intended restrictions on querying objects via a crafted parameter in a query strin...

7AI score0.02793EPSS
Exploits0References4
CVE
CVE
added 2013/11/06 11:0 a.m.59 views

CVE-2013-3281

The CVE-2013-3281 entry describes a cross-site scripting (XSS) vulnerability in EMC Documentum products (Webtop, WDK, Taskspace, Records Manager, Web Publisher, Digital Asset Manager, Administrator, Capital Projects) prior to the stated SP versions. The flaw allows remote attackers to inject arbi...

4.3CVSS5.8AI score0.01001EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder