4 matches found
Sql injection
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dmbptransition docbase method with a user-created dmprocedure object,...
CVE-2017-7221
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dmbptransition docbase method with a user-created dmprocedure object,...
CVE-2017-7221
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dmbptransition docbase method with a user-created dmprocedure object,...
EMC Documentum Content Server Code Execution
Product: EMC Documentum Content Server Vendor: EMC Version: ANY CVE: N/A Risk: High Status: public/not fixed For detailed description see http://seclists.org/bugtraq/2015/Jul/51 New behavior introduced in CVE-2015-4532: API ?,c,execute domethod WITH METHOD='dmbptransition', ARGUMENTS=' repo repo...