16 matches found
CVE-2017-14960
CVE-2017-14960 affects EMC OpenText/Document Sciences xPression xDashboard. The vulnerability is a SQL Injection in xDashboard (v4.5SP1 Patch 13) via the parameter model.jobHistoryId used in jobDocHistoryList.action, enabling an attacker to retrieve data from the underlying database. The issue is...
CVE-2017-14759
OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to an XML External Entity vulnerability: /xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/. An unauthenticated user is able to read directory...
OpenText Document Sciences xPression 4.5SP1 Patch 13 - documentId SQL Injection Vulnerability
Exploit for jsp platform in category web applications Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14757 Affected Software: ================== OpenText Document Sciences xPressio...
OpenText Document Sciences xPression 4.5SP1 Patch 13 - documentId SQL Injection
OpenText Document Sciences xPression 4.5SP1 Patch 13 - documentId SQL Injection Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText...
OpenText Document Sciences xPression 4.5SP1 Patch 13 - jobRunId SQL Injection Vulnerability
Exploit for jsp platform in category web applications Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText Document Sciences xPressio...
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14757 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Exploit was...
OpenText Document Sciences xPression 4.5SP1 Patch 13 SQL Injection Vulnerability
Exploit for java platform in category web applications Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText Document Sciences xPressi...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Cross Site Scripting Vulnerability
OpenText Document Sciences xPression version 4.5SP1 Patch 13 suffers from a cross site scripting vulnerability in the XPressoDoc functionality. Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Cross-Site Scripting Author: Marcin Woloszyn Date: 27. September...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Arbitrary File Read Vulnerability
Exploit for java platform in category web applications Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Arbitrary File Read Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14754 Affected Software: ================== OpenText Document Sciences...
OpenText Document Sciences xPression 4.5SP1 Patch 13 SQL Injection Vulnerability
OpenText Document Sciences xPression version 4.5SP1 Patch 13 suffers from a remote SQL injection vulnerability in the doclist functionality. Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE:...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Cross Site Scripting
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Cross-Site Scripting Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14756 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Arbitrary File Read
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Arbitrary File Read Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14754 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Explo...
OpenText Document Sciences xPression 4.5SP1 Patch 13 SQL Injection
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14757 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Exploit was...
OpenText Document Sciences xPression 4.5SP1 Patch 13 SQL Injection
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - SQL Injection Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14758 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Exploit was...
OpenText Document Sciences xPression 4.5SP1 Patch 13 XML Injection
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - XML External Entity Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14759 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression Explo...
OpenText Document Sciences xPression 4.5SP1 Patch 13 Cross Site Scripting
Title: OpenText Document Sciences xPression formerly EMC Document Sciences xPression - Cross-Site Scripting Author: Marcin Woloszyn Date: 27. September 2017 CVE: CVE-2017-14755 Affected Software: ================== OpenText Document Sciences xPression formerly EMC Document Sciences xPression...