30 matches found
CVE-2017-14960
xDashboard in OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 has SQL Injection...
CVE-2017-14960
CVE-2017-14960 affects EMC OpenText/Document Sciences xPression xDashboard. The vulnerability is a SQL Injection in xDashboard (v4.5SP1 Patch 13) via the parameter model.jobHistoryId used in jobDocHistoryList.action, enabling an attacker to retrieve data from the underlying database. The issue is...
OpenText Document Sciences xPression Cross-Site Scripting Vulnerability
OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a document output management and customer communication solution from OpenText Canada. The solution integrates with an organization's Customer Relationship Management CRM, Enterprise Content Management ECM a...
CVE-2017-14756
OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Cross-Site Scripting: /xAdmin/html/Deployment catid...
CVE-2017-14756
OpenText Document Sciences xPression, v4.5SP1 Patch 13 (and older) is affected by CVE-2017-14756: a Cross-Site Scripting vulnerability in /xAdmin/html/Deployment (cat_id) that can inject JavaScript reflected to users. Exploitation requires user interaction and can be triggered remotely via crafte...
CVE-2017-14755
OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Cross-Site Scripting: /xAdmin/html/XPressoDoc, parameter: categoryId...
CVE-2017-14759
OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to an XML External Entity vulnerability: /xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/. An unauthenticated user is able to read directory...
OpenText Document Sciences xPression 4.5SP1 Patch 13 - jobRunId SQL Injection Vulnerability
Exploit for jsp platform in category web applications Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText Document Sciences xPressio...
OpenText Document Sciences xPression 4.5SP1 Patch 13 - documentId SQL Injection Vulnerability
Exploit for jsp platform in category web applications Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14757 Affected Software: ================== OpenText Document Sciences xPressio...
OpenText Document Sciences xPression 4.5SP1 Patch 13 - documentId SQL Injection
OpenText Document Sciences xPression 4.5SP1 Patch 13 - documentId SQL Injection Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText...
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14757 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Exploit was...
OpenText Document Sciences xPression 4.5SP1 Patch 13 SQL Injection Vulnerability
Exploit for java platform in category web applications Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText Document Sciences xPressi...
OpenText Document Sciences xPression 4.5SP1 Patch 13 SQL Injection Vulnerability
OpenText Document Sciences xPression version 4.5SP1 Patch 13 suffers from a remote SQL injection vulnerability in the doclist functionality. Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE:...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Arbitrary File Read Vulnerability
Exploit for java platform in category web applications Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Arbitrary File Read Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14754 Affected Software: ================== OpenText Document Sciences...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Cross Site Scripting Vulnerability
OpenText Document Sciences xPression version 4.5SP1 Patch 13 suffers from a cross site scripting vulnerability in the XPressoDoc functionality. Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Cross-Site Scripting Author: Marcin Woloszyn Date: 27. September...
OpenText Document Sciences xPression 4.5SP1 Patch 13 SQL Injection
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Exploit was...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Cross Site Scripting
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Cross-Site Scripting Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14756 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Arbitrary File Read
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Arbitrary File Read Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14754 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Explo...
OpenText Document Sciences xPression 4.5SP1 Patch 13 SQL Injection
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14757 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Exploit was...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Cross Site Scripting
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Cross-Site Scripting Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14755 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression...