cve/2014/CVE-2014-2508.md

### [CVE-2014-2508](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2508)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on database actions via vectors involving DQL hints.

### POC

#### Reference
- http://packetstormsecurity.com/files/126960/EMC-Documentum-Content-Server-Escalation-Injection.html

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2014-2508](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2508)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on database actions via vectors involving DQL hints.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/126960/EMC-Documentum-Content-Server-Escalation-Injection.html`

			`#### Github`
			`No PoCs found on GitHub currently.`