82 matches found
CVE-2015-0540
CVE-2015-0540 affects EMC Document Sciences xPression (xAdmin interface) 4.2 before P44 and 4.5 SP1 before P03. The issue is a SQL injection vulnerability in the xAdmin interface that could allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, potentially com...
ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities
ESA-2013-078.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities EMC Identifier: ESA-2013-078 CVE Identifier: CVE-2013-6173, CVE-2013-6174, CVE-2013-6175, CVE-2013-6176, CVE-2013-6177 Severity Rating: CVSS v2 Base Score: See bel...
CVE-2013-6177
Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary...
CVE-2013-6173
Multiple cross-site request forgery CSRF vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to...
CVE-2013-6176
Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated users to execute...
CVE-2013-6174
Multiple open redirect vulnerabilities in xAdmin in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to redirect...
CVE-2013-6175
Multiple cross-site scripting XSS vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to inject...
Open redirect
Multiple open redirect vulnerabilities in xAdmin in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to redirect...
Directory traversal
Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to inject...
Sql injection
Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated users to execute...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to...
CVE-2013-6177
Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary...
CVE-2013-6175
Multiple cross-site scripting XSS vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to inject...
CVE-2013-6176
Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated users to execute...
CVE-2013-6177
CVE-2013-6177 affects EMC Document Sciences xPression in versions 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05 (Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine). Description: a Path Traversal vulnerability in xDashboard allows...
CVE-2013-6175
EMC Document Sciences xPression CVE-2013-6175 describes multiple XSS flaws in xAdmin and xDashboard that could allow an authenticated user to inject script/HTML via input. Affected versions include 4.1 SP1 prior to Patch 47, 4.2 prior to Patch 26, and 4.5 prior to Patch 05. The issues are part of...
CVE-2013-6174
EMC Document Sciences xPression contains an open redirect vulnerability (CVE-2013-6174) in the xAdmin application (and related xDashboard context) that could be exploited to redirect users to arbitrary sites for phishing. Affected versions are 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5...
CVE-2013-6176
Affected product: EMC Document Sciences xPression (Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine) in versions 4.1 SP1 pre-Patch 47, 4.2 pre-Patch 26, and 4.5 pre-Patch 05. Vulnerability type: Multiple SQL injection vulnerabilities (CVE-2013-6176) af...
CVE-2013-6173
EMC Document Sciences xPression is affected by CSRF vulnerabilities (CVE-2013-6173) in xAdmin/xDashboard. Affected product lines: Enterprise Edition Publish Engine and Compuset Engine, and Documentum Edition. Versions: 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05. Impact:...