CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Arbitrary File Read: /xAdmin/html/cmdatasourcegroupxsd.jsp, parameter: xsddatasourceschemafile filename. In order for this vulnerability to be...

6.8CVSS6.4AI score0.00373EPSS

Exploits2References2

securityvulns•added 2015/06/01 12:0 a.m.•48 views

ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability CVE Identifier: CVE-2015-0540 Severity Rating: CVSSv2 Base Score: 8.0 AV:N/AC:L/Au:S/C:P/I:P/A:C Affected products: • EMC Document Sciences xPression 4.2 • EMC Document Sciences...

6.5CVSS0.5AI score0.00267EPSS

Exploits0

securityvulns•added 2015/06/01 12:0 a.m.•28 views

EMC Document Sciences xPression SQL injection

No description provided...

6.5CVSS2.4AI score0.00267EPSS

Exploits0References1Affected Software1

NVD•added 2015/05/25 7:59 p.m.•12 views

CVE-2015-0540

SQL injection vulnerability in the xAdmin interface in EMC Document Sciences xPression 4.2 before P44 and 4.5 SP1 before P03 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS7.9AI score0.00267EPSS

Exploits0References1

Cvelist•added 2015/05/25 7:0 p.m.•17 views

CVE-2015-0540

7.9AI score0.00267EPSS

Exploits0References1

CVE•added 2015/05/25 7:0 p.m.•38 views

CVE-2015-0540

CVE-2015-0540 affects EMC Document Sciences xPression (xAdmin interface) 4.2 before P44 and 4.5 SP1 before P03. The issue is a SQL injection vulnerability in the xAdmin interface that could allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, potentially com...

6.5CVSS8.1AI score0.00267EPSS

Exploits0References1Affected Software1

securityvulns•added 2013/12/09 12:0 a.m.•118 views

ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities

ESA-2013-078.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities EMC Identifier: ESA-2013-078 CVE Identifier: CVE-2013-6173, CVE-2013-6174, CVE-2013-6175, CVE-2013-6176, CVE-2013-6177 Severity Rating: CVSS v2 Base Score: See bel...

6.8CVSS7.4AI score0.00735EPSS

Exploits0

NVD•added 2013/11/21 4:40 a.m.•16 views

CVE-2013-6177

Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary...

3.5CVSS6.2AI score0.00343EPSS

Exploits0References4

NVD•added 2013/11/21 4:40 a.m.•20 views

CVE-2013-6173

Multiple cross-site request forgery CSRF vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to...

6.8CVSS7.2AI score0.00122EPSS

Exploits0References5

NVD•added 2013/11/21 4:40 a.m.•16 views

CVE-2013-6175

Multiple cross-site scripting XSS vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to inject...

4.3CVSS5.8AI score0.0047EPSS

Exploits0References4

NVD•added 2013/11/21 4:40 a.m.•14 views

CVE-2013-6174

Multiple open redirect vulnerabilities in xAdmin in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to redirect...

5.8CVSS6.9AI score0.00735EPSS

Exploits0References5

NVD•added 2013/11/21 4:40 a.m.•12 views

CVE-2013-6176

Multiple SQL injection vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote authenticated users to execute...

6.5CVSS8.1AI score0.00269EPSS

Exploits0References4