Lucene search
K
EmcDocumentum Administrator

10 matches found

CVE
CVE
added 2013/11/06 11:0 a.m.59 views

CVE-2013-3281

The CVE-2013-3281 entry describes a cross-site scripting (XSS) vulnerability in EMC Documentum products (Webtop, WDK, Taskspace, Records Manager, Web Publisher, Digital Asset Manager, Administrator, Capital Projects) prior to the stated SP versions. The flaw allows remote attackers to inject arbi...

4.3CVSS5.8AI score0.01001EPSS
CVE
CVE
added 2017/01/23 6:49 a.m.57 views

CVE-2016-8213

CVE-2016-8213 affects EMC Documentum products: WebTop 6.8 (before P18) and 6.8.1 (before P06); TaskSpace 6.7SP3 (before P02); Capital Projects 1.9 (before P30) and 1.10 (before P17); and Administrator 7.0, 7.1, and 7.2 (before P18). The vulnerability is a Stored Cross-Site Scripting (XSS) issue t...

6.1CVSS5.8AI score0.00961EPSS
CVE
CVE
added 2014/08/20 10:0 a.m.54 views

CVE-2014-2518

EMC Documentum CSRF vulnerabilities (CVE-2014-2518) affect WebTop, Administrator, WDK, Task Space, Records Manager, Web Publisher and Digital Asset Manager across multiple versions; exploitation could hijack user sessions by tricking authenticated users. The ESA-2014-073 advisory notes the fix fo...

6.8CVSS7.2AI score0.00984EPSS
CVE
CVE
added 2015/07/16 9:0 p.m.53 views

CVE-2015-4529

This CVE (CVE-2015-4529) covers an open redirect vulnerability in EMC Documentum client/server components, including WebTop (before 6.8P02), Administrator (before 7.2P01), Digital Assets Manager (through 6.5SP6), Web Publishers (through 6.5SP7), and Task Space (through 6.7SP2). The underlying iss...

5.8CVSS6.8AI score0.01816EPSS
CVE
CVE
added 2015/07/04 2:0 p.m.52 views

CVE-2015-0551

EMC Documentum WebTop and client products contain multiple cross-site scripting (XSS) vulnerabilities (CVE-2015-0551) allowing remote authenticated users to inject arbitrary HTML/script via unspecified vectors. Affected products include WebTop 6.7SP1/6.7SP2/6.8 and client components: Documentum A...

3.5CVSS5.5AI score0.01075EPSS
CVE
CVE
added 2015/08/20 10:0 a.m.51 views

CVE-2015-4530

EMC Documentum CSRF vulnerability CVE-2015-4530 affects WebTop and related components (WebTop, WebTop-based clients; Administrator up to 7.2; DAM 6.5SP6; Web Publishers 6.5SP7; Task Space 6.7SP2). Root cause: incomplete fix for CVE-2014-2518. Impact: attackers can hijack user sessions, performing...

6.8CVSS7.3AI score0.00581EPSS
CVE
CVE
added 2016/06/23 12:0 a.m.49 views

CVE-2016-0914

EMC Documentum WebTop and related components are affected by CVE-2016-0914. The vulnerability allows remote authenticated users to bypass intended access restrictions and execute arbitrary IAPI/IDQL commands via the IAPI/IDQL interface. Affected products/versions and patches (as described): WebTo...

6.5CVSS6.5AI score0.01304EPSS
CVE
CVE
added 2015/07/04 2:0 p.m.47 views

CVE-2015-4524

CVE-2015-4524: Unrestricted file upload in EMC Documentum WebTop family enables remote authenticated users to upload arbitrary files to the backend Content Server, potentially executing code. Affected products and versions include WebTop 6.7SP1 before P31, 6.7SP2 before P23, 6.8 before P01; Docum...

6.5CVSS7.6AI score0.02401EPSS
CVE
CVE
added 2008/02/07 8:0 p.m.46 views

CVE-2008-0656

The CVE-2008-0656 entry concerns EMC Documentum components: Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317. The vulnerability is an uncontrolled file upload in dmclTrace.jsp that allows a remote attacker to overwrite arbitrary files by supplying a crafted filename attribute. The availabl...

10CVSS6.9AI score0.02649EPSS
CVE
CVE
added 2014/08/20 10:0 a.m.46 views

CVE-2014-2511

CVE-2014-2511 maps to EMC Documentum WebTop multiple XSS vulnerabilities exploitable via startat and entryId parameters. The ESA-2014-059 advisory confirms the issue affects EMC WebTop 6.7 SP1, 6.7 SP2 (and other Documentum/WebTop family products) with fixes in specific patches/versions (e.g., We...

4.3CVSS5.9AI score0.01792EPSS