Lucene search
+L

4 matches found

Circl
Circl
added 2022/07/14 8:32 p.m.12 views

CVE-2021-39018

creationtimestamp| type| source ---|---|--- 2022-07-14 20:32:54+00:00| seen| https://t.me/cibsecurity/46265...

4.3CVSS4.5AI score0.00607EPSS
Exploits0References1
OSV
OSV
added 2022/07/14 5:15 p.m.7 views

CVE-2021-39018

IBM Engineering Lifecycle Optimization - Publishing 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 could disclose sensitive information in a SQL error message that could aid in further attacks against the system. IBM X-Force ID: 213726...

4.3CVSS5.6AI score0.00607EPSS
Exploits0References2
CVE
CVE
added 2022/07/14 4:15 p.m.73 views

CVE-2021-39018

IBM Engineering Lifecycle Optimization - Publishing (Document Builder) contains a SQL injection-related information disclosure (CVE-2021-39018) affecting PUB 7.0, 7.0.1, 7.0.2 and RPE 6.0.6, 6.0.6.1. The root cause is missing UI validation in the Folder Name field, allowing sensitive data to be d...

4.3CVSS4.5AI score0.00607EPSS
Exploits0References2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/07/13 8:16 a.m.23 views

Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing Document Builder is vulnerable to SQLinjection (CVE-2021-39018)

Summary UI validation to Folder Name field is missing in IBM Engineering Lifecycle Optimization - Publishing Document Builder, resulting in display of SQL error to UI. This indicates the presence of SQL injection vulnerability. CVE-2021-39018 Vulnerability Details CVEID: CVE-2021-39018 DESCRIPTIO...

4.3CVSS0.5AI score0.00607EPSS
Exploits0Affected Software1
Rows per page
Query Builder