16 matches found
EUVD-2022-49830
Malicious code in bioql PyPI...
CVE-2022-47053
An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...
CVE-2022-47053
An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...
CVE-2022-47053
An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...
Privilege escalation
An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...
CVE-2022-47053
An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...
CVE-2022-47053
Summary: CVE-2022-47053 affects DNN (DotNetNuke) Digital Assets Manager, across DotNetNuke v7.0.0 through v9.10.2, enabling arbitrary code execution via a crafted SVG file through an arbitrary file upload vulnerability. The available connected documents consistently describe the vulnerability cla...
CVE-2022-47053
An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file...
Dotnetnuke 6.0.x < 9.11.0 Multiple Vulnerabilities (09.11.00)
According to its self-reported version, the instance of Dotnetnuke running on the remote web server is 6.0.x prior to 9.11.0. It is, therefore, affected by multiple vulnerabilities. - A third-party dependency, Moment.js, published security updates to their library. Fixes for the Issue DNN Platfor...
CVE-2015-4530
EMC Documentum CSRF vulnerability CVE-2015-4530 affects WebTop and related components (WebTop, WebTop-based clients; Administrator up to 7.2; DAM 6.5SP6; Web Publishers 6.5SP7; Task Space 6.7SP2). Root cause: incomplete fix for CVE-2014-2518. Impact: attackers can hijack user sessions, performing...
CVE-2015-4529
Open redirect vulnerability in EMC Documentum WebTop before 6.8P02, Documentum Administrator before 7.2P01, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishers through 6.5SP7, and Documentum Task Space through 6.7SP2 allows remote attackers to redirect users to arbitrary w...
Unrestricted file upload
Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before P25;...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before...
CVE-2015-0551
Multiple cross-site scripting XSS vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum Digital Assets Manager 6.5SP6 before...
CVE-2015-0551
EMC Documentum WebTop and client products contain multiple cross-site scripting (XSS) vulnerabilities (CVE-2015-0551) allowing remote authenticated users to inject arbitrary HTML/script via unspecified vectors. Affected products include WebTop 6.7SP1/6.7SP2/6.8 and client components: Documentum A...
ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities
ESA-2014-059.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities EMC Identifier: ESA-2014-059 CVE Identifier: CVE-2014-2511 Severity Rating: CVSS v2 Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Affected products: • EMC WebTop...