Lucene search
+L

879 matches found

osv
osv
added 2017/12/07 3:29 p.m.5 views

CVE-2017-1355

IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126682...

3.7CVSS5.8AI score0.01042EPSS
Exploits0References3
nvd
nvd
added 2017/12/07 3:29 p.m.17 views

CVE-2017-1354

IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS5.2AI score0.00514EPSS
Exploits0References2
osv
osv
added 2017/12/07 3:29 p.m.5 views

CVE-2017-1356

IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126683...

8.8CVSS5.9AI score0.01436EPSS
Exploits0References3
prion
prion
added 2017/12/07 3:29 p.m.15 views

Sql injection

IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126683...

6.5CVSS8.5AI score0.01436EPSS
Exploits0References3Affected Software1
osv
osv
added 2017/12/07 3:29 p.m.5 views

CVE-2017-1354

IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS5.4AI score0.00514EPSS
Exploits0References2
cvelist
cvelist
added 2017/12/07 3:0 p.m.18 views

CVE-2017-1355

IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126682...

3.7AI score0.01042EPSS
Exploits0References3
cve
cve
added 2017/12/07 3:0 p.m.56 views

CVE-2017-1355

IBM Atlas eDiscovery Process Management stores sensitive information in URL parameters, enabling potential information disclosure via server logs, referrers, or browser history. Affected: 6.0.3 through 6.0.3.5. CVSS v3 base 3.7. Remediation: upgrade to 6.0.3 Fix Pack 6 (6.0.3 FP6).

4.3CVSS3.8AI score0.01042EPSS
Exploits0References3Affected Software1
cve
cve
added 2017/12/07 3:0 p.m.49 views

CVE-2017-1353

IBM Atlas eDiscovery Process Management 6.0.3–6.0.3.5 is vulnerable to an information-disclosure issue where an authenticated attacker could obtain sensitive data when a user clicks unsafe third-party links. The root cause is that links with target="_blank" and no rel="noopener noreferrer" grant ...

3.5CVSS3.5AI score0.00683EPSS
Exploits0References2Affected Software1
cve
cve
added 2017/12/07 3:0 p.m.50 views

CVE-2017-1356

Affected product: IBM Atlas eDiscovery Process Management. Vulnerability: SQL injection in versions 6.0.3 – 6.0.3.5 due to insufficient input filtering, enabling a remote attacker to view, add, modify, or delete data in the backend database. Root cause (as stated): vulnerability to SQL injection....

8.8CVSS8.6AI score0.01436EPSS
Exploits0References3Affected Software1
cve
cve
added 2017/12/07 3:0 p.m.54 views

CVE-2017-1354

The CVE-2017-1354 entry concerns IBM Atlas eDiscovery Process Management. A cross-site scripting (XSS) vulnerability affects Atlas eDiscovery Process Management 6.0.3 (specifically 6.0.3.0 to 6.0.3.5). The underlying issue allows an attacker to inject arbitrary JavaScript into the Web UI, potenti...

5.4CVSS5.2AI score0.00514EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2017/12/07 3:0 p.m.24 views

CVE-2017-1353

IBM Atlas eDiscovery Process Management 6.0.3 could allow an authenticated attacker to obtain sensitive information when an unsuspecting user clicks on unsafe third-party links. IBM X-Force ID: 126680...

3.4AI score0.00683EPSS
Exploits0References2
cvelist
cvelist
added 2017/12/07 3:0 p.m.23 views

CVE-2017-1356

IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126683...

8.6AI score0.01436EPSS
Exploits0References3
cvelist
cvelist
added 2017/12/07 3:0 p.m.17 views

CVE-2017-1354

IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.2AI score0.00514EPSS
Exploits0References2
cnvd
cnvd
added 2017/12/07 12:0 a.m.7 views

IBM Atlas eDiscovery Process Management Information Disclosure Vulnerability

IBM Atlas eDiscovery Process Management is a product within the Information Lifecycle Governance solution from IBM USA that is used to help attorneys, paralegals, and evidence supervisors rigorously and logically manage legal evidence retention workflows. An information disclosure vulnerability...

4.3CVSS6.2AI score0.01042EPSS
Exploits0References1
openbugbounty
openbugbounty
added 2017/12/04 7:40 p.m.10 views

atlas-viagens.pt XSS vulnerability

Open Bug Bounty ID: OBB-448285 Description| Value ---|--- Affected Website:| atlas-viagens.pt Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
openbugbounty
openbugbounty
added 2017/09/29 8:6 p.m.13 views

atlas-hallen.de XSS vulnerability

Open Bug Bounty ID: OBB-318283 Description| Value ---|--- Affected Website:| atlas-hallen.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
openbugbounty
openbugbounty
added 2017/09/25 5:47 p.m.14 views

atlas-minerva.web.cern.ch XSS vulnerability

Vulnerable URL: https://atlas-minerva.web.cern.ch/atlas-minerva/index.php?lang=fr"es Details: Description| Value ---|--- Patched:| No Latest check for patch:| 24.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...

6.3AI score
Exploits0
openbugbounty
openbugbounty
added 2017/09/18 6:33 p.m.10 views

atlas-editions.de XSS vulnerability

Open Bug Bounty ID: OBB-299318 Description| Value ---|--- Affected Website:| atlas-editions.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
openvas
openvas
added 2017/08/31 12:0 a.m.14 views

Apache Atlas Detection (HTTP)

HTTP based detection of Apache Atlas. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.112030";...

7.4AI score
Exploits0References1
openvas
openvas
added 2017/08/31 12:0 a.m.23 views

Apache Atlas < 0.8 Access Vulnerability

Apache Atlas is prone to an access vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:atlas"; ifdescription...

7.5CVSS7.5AI score0.02127EPSS
Exploits0References1
Rows per page
Query Builder