PT-2025-5476 · Unknown · Admin/Site Enhancements (Ase) Pro

Name of the Vulnerable Software and Affected Versions: Admin and Site Enhancements ASE Pro versions n/a through 7.6.1.1 Description: The issue is related to a lack of authorization in Admin and Site Enhancements ASE Pro, which allows the exploitation of incorrectly configured access control...

WordPress Admin and Site Enhancements (ASE) Pro Plugin <= 7.6.1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Admin and Site Enhancements ASE Pro versions = 7.6.1.1...

IBM Maximo Asset Management 跨站脚本漏洞

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from International Business Machines IBM. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control over...

Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to information disclosure (CVE-2021-38924)

Summary IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to information disclosure. Vulnerability Details CVEID:CVE-2021-38924 DESCRIPTION: IBM Maximo Asset Management could allow a remote attacker to obtain sensitive information whe...

Design/Logic Flaw

IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. IBM X-Force ID: 2306335...

PT-2023-13442 · Ibm · Ibm Maximo Asset Management +1

Name of the Vulnerable Software and Affected Versions: IBM Maximo Asset Management versions 7.6.1.1 through 7.6.1.3 IBM Maximo Manage versions 8.3 through 8.4 Description: The issue concerns CSV injection. Recommendations: For IBM Maximo Asset Management versions 7.6.1.1 through 7.6.1.3, update t...

Security Bulletin: IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to Host Header Injection (CVE-2021-29854)

Summary IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite are vulnerable to Host header injection. Vulnerability Details CVEID:CVE-2021-29854 DESCRIPTION: IBM Maximo Asset Management is vulnerable to HTTP header injection, caused by improper...

PT-2022-10805 · Ibm · Ibm Maximo Asset Management

Name of the Vulnerable Software and Affected Versions: IBM Maximo Asset Management versions 7.6.1.1 through 7.6.1.2 Description: The issue allows a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2022-22365)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...

IBM Maximo Asset Management Input Validation Error Vulnerability

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. IBM Maximo Asset Management versions 7.6.1.1 and 7.6.1.2 are vulnerable due to an input validation error in the HOST header, which can be exploited by remote attackers to by sending a...

IBM Maximo Asset Management 安全漏洞

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. IBM Maximo Asset Management versions 7.6.1.1 and 7.6.1.2 are vulnerable due to an input validation error in the HOST header, which can be exploited by remote attackers to by sending a...

IBM Maximo Asset Management SQL Injection Vulnerability (CNVD-2020-34982)

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. The solution is capable of managing all types of assets, such as facilities, transportation, etc., on a single platform with a single point of control for these assets. A SQL injection...

CVE-2020-4223

CVE-2020-4223 affects IBM Maximo Asset Management core product versions 7.6.0.10 and 7.6.1.1. The issue is a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript, potentially leading to credential disclosure within a trusted session. The prim...

Security Bulletin: IBM Maximo Asset Management is vulnerable to SQL injection (CVE-2019-4650)

Summary IBM Maximo Asset Management is vulnerable to SQL injection. Vulnerability Details CVEID: CVE-2019-4650 DESCRIPTION: IBM Maximo Asset Management is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modif...

IBM Maximo Asset Management Cross-Site Scripting Vulnerability (CNVD-2020-25566)

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. A cross-site scripting vulnerability exists in IBM Maximo Asset Management version 7.6.1.1. A remote attacker can exploit this vulnerability to inject arbitrary JavaScript code into th...

IBM Maximo Asset Management Cross-Site Scripting Vulnerability (CNVD-2020-25565)

IBM Maximo Asset Management is a comprehensive asset lifecycle and maintenance management solution from IBM USA. A cross-site scripting vulnerability exists in IBM Maximo Asset Management versions 7.6.1.0, 7.6.0.10, and 7.6.1.1. A remote attacker can exploit the vulnerability to inject arbitrary...

Security Bulletin: IBM Maximo Asset Management is vulnerable to cross-site scripting (CVE-2019-4749)

Summary IBM Maximo Asset Management is vulnerable to cross-site scripting. Vulnerability Details CVEID: CVE-2019-4749 DESCRIPTION: IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the...

CVE-2019-4583

IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 167289...

Information disclosure

IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 167289...

IBM Maximo Asset Management Information Disclosure Vulnerability (CNVD-2019-34599)

IBM Maximo Asset Management is a comprehensive solution for asset-intensive industries to manage corporate physical assets through a common platform. An information disclosure vulnerability exists in IBM Maximo Asset Management 7.6.1.1, which can be exploited by an attacker to obtain sensitive...