Lucene search
K

102 matches found

exploitpack
exploitpack
added 2018/01/03 12:0 a.m.38 views

EMC xPression 4.5SP1 Patch 13 - model.jobHistoryId SQL Injection

EMC xPression 4.5SP1 Patch 13 - model.jobHistoryId SQL Injection Title: EMC xDashboard - SQL Injection Vulnerability Author: Pawel Gocyla Date: 02 January 2018 CVE: CVE-2017-14960 Affected Software: ================== EMC xPression v4.5SP1 Patch 13 Probably other versions are also vulnerable. SQL...

5CVSS0.4AI score0.03737EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/01/03 12:0 a.m.50 views

EMC xPression 4.5SP1 Patch 13 - 'model.jobHistoryId' SQL Injection

Title: EMC xDashboard - SQL Injection Vulnerability Author: Pawel Gocyla Date: 02 January 2018 CVE: CVE-2017-14960 Affected Software: ================== EMC xPression v4.5SP1 Patch 13 Probably other versions are also vulnerable. SQL Injection Vulnerability: ============================== This...

7.5CVSS7.6AI score0.03737EPSS
Exploits5
BDU FSTEC
BDU FSTEC
added 2017/11/03 12:0 a.m.4 views

The vulnerability of the Document Sciences xPression enterprise automation system arises from incorrect restrictions on XML references to external objects. This allows attackers to gain access to system files, perform SRF attacks, or cause service failures.

The vulnerability of the Document Sciences xPression enterprise automation system arises from an incorrect limitation on XML references to external objects /xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/. Exploiting this vulnerability could allow a malicious actor to gain access to syst...

9.8CVSS7.8AI score0.01311EPSS
Exploits1References3
CNVD
CNVD
added 2017/10/09 12:0 a.m.6 views

OpenText Document Sciences xPression SQL Injection Vulnerability (CNVD-2017-33295)

OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a document output management and customer communication solution from OpenText Canada. The solution integrates an organization's Customer Relationship Management CRM, Enterprise Content Management ECM, and...

8.8CVSS8.8AI score0.02672EPSS
Exploits6References1
CNVD
CNVD
added 2017/10/09 12:0 a.m.3 views

OpenText Document Sciences xPression Cross-Site Scripting Vulnerability (CNVD-2017-33297)

OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a document output management and customer communication solution from OpenText Canada. The solution integrates with an organization's Customer Relationship Management CRM, Enterprise Content Management ECM a...

6.1CVSS6.2AI score0.00661EPSS
Exploits3References1
CNVD
CNVD
added 2017/10/09 12:0 a.m.5 views

OpenText Document Sciences xPression Cross-Site Scripting Vulnerability

OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a document output management and customer communication solution from OpenText Canada. The solution integrates with an organization's Customer Relationship Management CRM, Enterprise Content Management ECM a...

6.1CVSS6.2AI score0.00661EPSS
Exploits3References1
CNVD
CNVD
added 2017/10/09 12:0 a.m.5 views

OpenText Document Sciences xPression XML External Entity Vulnerability

OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a document output management and customer communication solution from OpenText Canada. The solution integrates an organization's Customer Relationship Management CRM, Enterprise Content Management ECM, and...

9.8CVSS9.5AI score0.01311EPSS
Exploits1References1
CNVD
CNVD
added 2017/10/09 12:0 a.m.4 views

OpenText Document Sciences xPression SQL Injection Vulnerability

OpenText Document Sciences xPression formerly known as EMC Document Sciences xPression is a suite of document output management and customer communication solutions from OpenText Canada. A SQL injection vulnerability exists in OpenText Document Sciences xPression version 4.5SP1 Patch 13. A remote...

8.8CVSS8.8AI score0.01895EPSS
Exploits6References1
NVD
NVD
added 2017/10/03 1:29 a.m.24 views

CVE-2017-14755

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Cross-Site Scripting: /xAdmin/html/XPressoDoc, parameter: categoryId...

6.1CVSS6.3AI score0.00661EPSS
Exploits3References2
OSV
OSV
added 2017/10/03 1:29 a.m.3 views

CVE-2017-14758

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to SQL Injection: /xAdmin/html/cmdoclistviewuc.jsp, parameter: documentId. In order for this vulnerability to be exploited, an attacker must authenticat...

8.8CVSS5.8AI score0.02672EPSS
Exploits6References3
OSV
OSV
added 2017/10/03 1:29 a.m.2 views

CVE-2017-14755

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Cross-Site Scripting: /xAdmin/html/XPressoDoc, parameter: categoryId...

6.1CVSS5.8AI score0.00661EPSS
Exploits3References2
NVD
NVD
added 2017/10/03 1:29 a.m.27 views

CVE-2017-14758

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to SQL Injection: /xAdmin/html/cmdoclistviewuc.jsp, parameter: documentId. In order for this vulnerability to be exploited, an attacker must authenticat...

8.8CVSS8.8AI score0.02672EPSS
Exploits6References3
OSV
OSV
added 2017/10/03 1:29 a.m.4 views

CVE-2017-14759

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to an XML External Entity vulnerability: /xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/. An unauthenticated user is able to read directory...

9.8CVSS5.8AI score0.01311EPSS
Exploits1References2
NVD
NVD
added 2017/10/03 1:29 a.m.27 views

CVE-2017-14754

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Arbitrary File Read: /xAdmin/html/cmdatasourcegroupxsd.jsp, parameter: xsddatasourceschemafile filename. In order for this vulnerability to be...

6.8CVSS6.4AI score0.01297EPSS
Exploits2References2
NVD
NVD
added 2017/10/03 1:29 a.m.22 views

CVE-2017-14756

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Cross-Site Scripting: /xAdmin/html/Deployment catid...

6.1CVSS6.3AI score0.00661EPSS
Exploits3References2
NVD
NVD
added 2017/10/03 1:29 a.m.19 views

CVE-2017-14757

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to SQL Injection: /xDashboard/html/jobhistory/downloadSupportFile.action, parameter: jobRunId. In order for this vulnerability to be exploited, an...

8.8CVSS8.8AI score0.01895EPSS
Exploits6References3
OSV
OSV
added 2017/10/03 1:29 a.m.7 views

CVE-2017-14757

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to SQL Injection: /xDashboard/html/jobhistory/downloadSupportFile.action, parameter: jobRunId. In order for this vulnerability to be exploited, an...

8.8CVSS5.8AI score0.01895EPSS
Exploits6References3
OSV
OSV
added 2017/10/03 1:29 a.m.4 views

CVE-2017-14756

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Cross-Site Scripting: /xAdmin/html/Deployment catid...

6.1CVSS5.8AI score0.00661EPSS
Exploits3References2
Prion
Prion
added 2017/10/03 1:29 a.m.20 views

Cross site scripting

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Cross-Site Scripting: /xAdmin/html/Deployment catid...

4.3CVSS6.2AI score0.00661EPSS
Exploits3References2Affected Software1
Prion
Prion
added 2017/10/03 1:29 a.m.12 views

Cross site scripting

OpenText Document Sciences xPression formerly EMC Document Sciences xPression v4.5SP1 Patch 13 older versions might be affected as well is prone to Cross-Site Scripting: /xAdmin/html/XPressoDoc, parameter: categoryId...

4.3CVSS6.2AI score0.00661EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder