CVE-2015-0540

EMC Document Sciences xPression 4.2 before P44 and 4.5 SP1 before P03 - Authenticated SQL Injection

Title source: llm
STIX 2.1

Description

SQL injection vulnerability in the xAdmin interface in EMC Document Sciences xPression 4.2 before P44 and 4.5 SP1 before P03 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

References (1)

Core 1
Core References
Mailing List mailing-list x_refsource_bugtraq
http://seclists.org/bugtraq/2015/May/98

Scores

EPSS 0.0027
EPSS Percentile 50.2%

Details

CWE
CWE-89
Status published
Products (2)
emc/document_sciences_xpression 4.2 (3 CPE variants)
emc/document_sciences_xpression 4.5 sp1 (2 CPE variants)
Published May 25, 2015
Tracked Since Feb 18, 2026