11 matches found
CVE-2017-14960
xDashboard in OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 has SQL Injection...
CVE-2017-14960
xDashboard in OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 has SQL Injection...
CVE-2017-14960
CVE-2017-14960 affects EMC OpenText/Document Sciences xPression xDashboard. The vulnerability is a SQL Injection in xDashboard (v4.5SP1 Patch 13) via the parameter model.jobHistoryId used in jobDocHistoryList.action, enabling an attacker to retrieve data from the underlying database. The issue is...
CVE-2017-14960
xDashboard in OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 has SQL Injection...
OpenText Document Sciences xPression xDashboard SQL Injection Vulnerability
OpenText Document Sciences xPression formerly EMC Document Sciences xPression is a suite of document output management and customer communication solutions from OpenText Canada, Inc. The solution integrates an organization's Customer Relationship Management CRM, Enterprise Content Management ECM,...
EMC xPression 4.5SP1 Patch 13 SQL Injection Vulnerability
Exploit for multiple platform in category web applications Title: EMC xDashboard - SQL Injection Vulnerability Author: Pawel Gocyla Date: 02 January 2018 CVE: CVE-2017-14960 Affected Software: ================== EMC xPression v4.5SP1 Patch 13 Probably other versions are also vulnerable. SQL...
CVE-2013-6173
Multiple cross-site request forgery CSRF vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to...
CVE-2013-6177
Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary...
CVE-2013-6175
Multiple cross-site scripting XSS vulnerabilities in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allow remote attackers to inject...
Directory traversal
Directory traversal vulnerability in EMC Document Sciences xPression 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05, as used in Documentum Edition, Enterprise Edition Publish Engine, and Enterprise Edition Compuset Engine, allows remote authenticated users to read arbitrary...
CVE-2013-6173
EMC Document Sciences xPression is affected by CSRF vulnerabilities (CVE-2013-6173) in xAdmin/xDashboard. Affected product lines: Enterprise Edition Publish Engine and Compuset Engine, and Documentum Edition. Versions: 4.1 SP1 before Patch 47, 4.2 before Patch 26, and 4.5 before Patch 05. Impact:...