33 matches found
EUVD-2011-2714
Malware in sbrugna...
EUVD-2012-0430
Malware in sbrugna...
CVE-2012-0404
Cross-site scripting XSS vulnerability in EMC Documentum eRoom before 7.4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Default credentials
EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise th...
CVE-2017-2766
EMC Documentum eRoom version 7.4.4, EMC Documentum eRoom version 7.4.4 SP1, EMC Documentum eRoom version prior to 7.4.5 P04, EMC Documentum eRoom version prior to 7.5.0 P01 includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise th...
SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20140701-0 ======================================================================= title: Stored cross-site scripting vulnerabilities product: EMC Documentum eRoom vulnerable version: 7.4.3, 7.4.4, 7.4.4...
EMC Documentum eRoom Stored Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory 20140701-0 ======================================================================= title: Stored cross-site scripting vulnerabilities product: EMC Documentum eRoom vulnerable version: 7.4.3, 7.4.4, 7.4.4...
CVE-2014-2512
Multiple cross-site scripting XSS vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-2512
Multiple cross-site scripting XSS vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities.
ESA-2013-073.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. EMC Identifier: ESA-2013-073 CVE Identifier: CVE-2013-3286 Severity Rating: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected product: • EMC...
CVE-2013-3286
Multiple cross-site scripting XSS vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2013-3286
Multiple cross-site scripting XSS vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL...
CVE-2013-3286
EMC Documentum eRoom is affected by multiple cross‑site scripting (XSS) vulnerabilities prior to version 7.4.4 P11. Exploitation vector involves crafting a URL that triggers script/HTML execution in an authenticated user context. Affected products include EMC Documentum eRoom versions 7.4.4 P10 a...
SEC Consult SA-20120315-0 :: Multiple permanent XSS vulnerabilities in EMC Documentum eRoom
SEC Consult Vulnerability Lab Security Advisory 20120315-0 ======================================================================= title: Multiple permanent cross-site scripting vulnerabilities product: EMC Documentum eRoom vulnerable version: 7.33.498.98 fixed version: 7.4.4 impact: high homepag...
EMC Documentum eRoom security vulnerabilities
replay attacks and crossite scripting...
ESA-2012-012: EMC Documentum eRoom Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-012: EMC Documentum eRoom multiple vulnerabilities EMC Identifier: ESA-2012-012 CVE Identifiers: CVE-2012-0398, CVE-2012-0404 Severity Rating: CVE-2012-0398 : CVSS Base Score is 5.8 AV:A/AC:L/Au:N/C:P/I:P/A:P CVE-2012-0404 : CVSS Base Score i...
EMC Documentum eRoom 7.33.498.98 Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple permanent cross-site scripting vulnerabilities product: EMC Documentum eRoom vulnerable version: 7.33.498.98 fixed version: 7.4.4 impact: high homepage:...
Session fixation
EMC Documentum eRoom before 7.4.4 does not properly validate session cookies, which allows remote attackers to hijack or replay sessions via unspecified vectors...
CVE-2012-0404
EMC Documentum eRoom is affected by CVE-2012-0404, a DOM-based cross-site scripting vulnerability in versions prior to 7.4.4. The issue enables an attacker to inject arbitrary web script or HTML via unspecified vectors. EMC’s advisory ESA-2012-012 confirms upgrade to eRoom 7.4.4 as a remedy. No e...