Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opentext documentum content server 7.3 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2017-5585
OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Database is used and return_top_results_row_based config option is false, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attack...
Opentext Documentum Content Server 7.3
6.5
CVSSv2
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
6.5
CVSSv2
CVE-2017-15012
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack an arbitrary file from the Content Server filesystem; because some f...
Opentext Documentum Content Server
1 EDB exploit
6.5
CVSSv2
CVE-2017-15013
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server stores information about uploaded files in dmr_content objects, w...
Opentext Documentum Content Server
1 EDB exploit
4
CVSSv2
CVE-2017-15014
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows authenticated users to download arbitrary content files regardless of the attacker's repository permissions: When an authentica...
Opentext Documentum Content Server
1 EDB exploit
6.3
CVSSv2
CVE-2014-2520
EMC Documentum Content Server prior to 6.7 SP2 P16 and 7.x prior to 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request.
Emc Documentum Content Server 7.0
Emc Documentum Content Server 7.1
Emc Documentum Content Server
Emc Documentum Content Server 6.5
Emc Documentum Content Server 6.7
Emc Documentum Content Server 6.0
Emc Documentum Content Server 6.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started