VYPR

Vendor CVEs

Opentext

All CVEs

158 total · sorted by risk
  • CVE-2013-3243Oct 28, 2013
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors.

  • CVE-2010-5283Nov 26, 2012
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in OpenText ECM (formerly Livelink ECM) 9.7.1 allows remote attackers to hijack the authentication of administrators for requests that change folder and resource permissions.

  • CVE-2010-5282Nov 26, 2012
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in OpenText ECM (formerly Livelink ECM) 9.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewType and (2) sort parameters in a browse action to livelink/livelink; and the (3) nodeid, (4) setctx,…

  • CVE-2008-0769Feb 14, 2008
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through 9.7.0 and possibly earlier does not set the charset, which allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input.

  • CVE-2007-2976Jun 1, 2007
    risk 0.00cvss epss 0.01

    Centrinity FirstClass 8.3 and earlier, and Server and Internet Services 8.0 and earlier, do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS) attacks. NOTE: the provenance of this information is unknown;…

  • CVE-2005-1045May 2, 2005
    risk 0.00cvss epss 0.02

    OpenText FirstClass 8.0 client does not properly sanitize strings before passing them to the Windows ShellExecute API, which allows remote attackers to execute arbitrary commands via a UNC path in a bookmark.

  • CVE-2004-0037Jan 20, 2004
    risk 0.00cvss epss 0.02

    FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages.

  • CVE-2001-0631Aug 22, 2001
    risk 0.00cvss epss 0.01

    Centrinity First Class Internet Services 5.50 allows for the circumventing of the default 'spam' filters via the presence of '<@>' in the 'From:' field, which allows remote attackers to send spoofed email with the identity of local users.

Page 4 of 4