Lucene search
+L

292 matches found

CVE
CVE
added 2016/01/03 2:0 a.m.49 views

CVE-2015-5023

CVE-2015-5023 : IBM Cúram Social Program Management (SPM) 6.1 is vulnerable to SQL injection. The IBM security bulletin notes that an attacker who is already authenticated and has console access can send specially crafted SQL statements to view, modify, or delete data. Affected version: SPM 6.1 (...

6.5CVSS5.9AI score0.00707EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2016/01/03 2:0 a.m.22 views

CVE-2015-5023

SQL injection vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

6AI score0.00707EPSS
Exploits0References1
Prion
Prion
added 2016/01/02 5:59 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

3.5CVSS5.4AI score0.00622EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2016/01/02 2:0 a.m.23 views

CVE-2015-7402

Cross-site scripting XSS vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

5AI score0.00622EPSS
Exploits0References1
CVE
CVE
added 2016/01/02 2:0 a.m.49 views

CVE-2015-7402

IBM Cúram Social Program Management 6.1 is affected by CVE-2015-7402 (XSS) due to improper validation of user-supplied input. An already authenticated remote attacker can exploit a specially crafted URL to execute arbitrary script in the victim’s browser within the site’s context, potentially ste...

5.4CVSS4.9AI score0.00622EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/11/27 12:0 a.m.5 views

IBM Cúram Social Program Management SQL Injection Vulnerability

IBM Curam Social Program Management SPM is a suite of social program management solutions from IBM in the United States. A SQL injection vulnerability exists in IBM Curam SPM. An attacker could use this vulnerability to take control of the application, access or modify data, or exploit potential...

6.5CVSS7.9AI score0.00707EPSS
Exploits0References1
CNVD
CNVD
added 2015/05/26 12:0 a.m.7 views

IBM Curam Social Program Management Cross-Site Scripting Vulnerability

IBM Curam Social Program Management is a social program management solution. The solution supports the end-to-end social program delivery process. A cross-site scripting vulnerability exists in IBM Curam SPM, which allows remote attackers to exploit the vulnerability to inject malicious script or...

3.5CVSS6.1AI score0.00783EPSS
Exploits0References1
NVD
NVD
added 2015/05/25 2:59 p.m.21 views

CVE-2014-6192

Cross-site scripting XSS vulnerability in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix10, 6.0.5 before 6.0.5.6, and 6.0.5.5a before 6.0.5.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

3.5CVSS5.1AI score0.00783EPSS
Exploits0References1
Prion
Prion
added 2015/05/25 2:59 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix10, 6.0.5 before 6.0.5.6, and 6.0.5.5a before 6.0.5.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

3.5CVSS5.4AI score0.00783EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/05/25 2:0 p.m.44 views

CVE-2014-6192

CVE-2014-6192 affects IBM Cúram Social Program Management (SPM). The vulnerability is an XSS flaw caused by improper validation of user-supplied input, allowing a remote authenticated user to execute script via a crafted URL. Affected versions include: SPM 6.0 SP2 before EP26, 6.0.4 before 6.0.4....

3.5CVSS5.2AI score0.00783EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2015/05/25 2:0 p.m.22 views

CVE-2014-6192

Cross-site scripting XSS vulnerability in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix10, 6.0.5 before 6.0.5.6, and 6.0.5.5a before 6.0.5.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

5.1AI score0.00783EPSS
Exploits0References1
CNVD
CNVD
added 2015/04/28 12:0 a.m.5 views

IBM Curam Social Program Management Denial of Service Vulnerability

IBM Curam Social Program Management SPM is a suite of social program management solutions from IBM USA. The solution supports the process of end-to-end social program delivery. A denial of service vulnerability exists in IBM Curam Social Program Management. An attacker is allowed to exploit this...

5CVSS6.6AI score0.01256EPSS
Exploits0References1
CNVD
CNVD
added 2015/04/28 12:0 a.m.5 views

IBM Curam Social Program Management (SPM) Cross-Site Request Forgery Vulnerability (CNVD-2015-02805)

IBM Curam Social Program Management SPM is a suite of social program management solutions from IBM USA. The solution supports the process of end-to-end social program delivery. A cross-site request forgery vulnerability exists in IBM Curam Social Program Management SPM. An attacker is allowed to...

6.8CVSS7AI score0.00578EPSS
Exploits0References1
NVD
NVD
added 2015/04/27 11:59 a.m.16 views

CVE-2014-6092

IBM Curam Social Program Management SPM 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.6 requires failed-login handling for web-service accounts to have the same lockout policy as for standard user accounts, which makes it easier for remote attackers to caus...

5CVSS6.5AI score0.01256EPSS
Exploits0References1
Prion
Prion
added 2015/04/27 11:59 a.m.18 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the 1 DataMappingEditorCommands, 2 DatastoreEditorCommands, and 3 IEGEditorCommands servlets in IBM Curam Social Program Management SPM 5.2 SP6 before EP6, 6.0 SP2 before EP26, 6.0.3 before 6.0.3.0 iFix8, 6.0.4 before 6.0.4.5 iFix10, and...

6.8CVSS7AI score0.00578EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2015/04/27 11:59 a.m.27 views

Code injection

IBM Curam Social Program Management SPM 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.6 requires failed-login handling for web-service accounts to have the same lockout policy as for standard user accounts, which makes it easier for remote attackers to caus...

5CVSS7AI score0.01256EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2015/04/27 11:59 a.m.23 views

CVE-2014-6090

Multiple cross-site request forgery CSRF vulnerabilities in the 1 DataMappingEditorCommands, 2 DatastoreEditorCommands, and 3 IEGEditorCommands servlets in IBM Curam Social Program Management SPM 5.2 SP6 before EP6, 6.0 SP2 before EP26, 6.0.3 before 6.0.3.0 iFix8, 6.0.4 before 6.0.4.5 iFix10, and...

6.8CVSS6.6AI score0.00578EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/04/27 1:0 a.m.20 views

CVE-2014-6090

Multiple cross-site request forgery CSRF vulnerabilities in the 1 DataMappingEditorCommands, 2 DatastoreEditorCommands, and 3 IEGEditorCommands servlets in IBM Curam Social Program Management SPM 5.2 SP6 before EP6, 6.0 SP2 before EP26, 6.0.3 before 6.0.3.0 iFix8, 6.0.4 before 6.0.4.5 iFix10, and...

6.6AI score0.00578EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/04/27 1:0 a.m.23 views

CVE-2014-6092

IBM Curam Social Program Management SPM 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.6 requires failed-login handling for web-service accounts to have the same lockout policy as for standard user accounts, which makes it easier for remote attackers to caus...

6.5AI score0.01256EPSS
Exploits0References1
CVE
CVE
added 2015/04/27 1:0 a.m.48 views

CVE-2014-6092

CVE-2014-6092 affects IBM Curam SPM prior to SP6 EP6 (5.2 SP6 EP6; 6.0 SP2 EP26; 6.0.4 prior to 6.0.4.6; 6.0.5 prior to 6.0.5.6). The issue is that failed-login handling for web-service accounts does not enforce the same lockout policy as standard user accounts, enabling an attacker with knowledg...

5CVSS6.6AI score0.01256EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder