Lucene search
K

593 matches found

Cvelist
Cvelist
added 2017/07/24 9:0 p.m.25 views

CVE-2016-6118

IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force...

5.2AI score0.00729EPSS
Exploits0References3
CNVD
CNVD
added 2017/07/24 12:0 a.m.6 views

IBM Emptoris Services Procurement Local Information Disclosure Vulnerability

IBM Emptoris Services Procurement is a procurement management system from IBM USA. The system controls and manages the procurement lifecycle for third-party service categories. A security vulnerability exists in IBM Emptoris Services Procurement that stems from a failure of proper access control....

5.5CVSS6.3AI score0.00329EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/20 12:0 a.m.5 views

IBM Emptoris Contract Management Information Disclosure Vulnerability (CNVD-2017-21772)

IBM Emptoris Contract Management is a suite of software from IBM USA that automates the contract lifecycle. The software automates and manages all phases of the contract lifecycle, from the creation, execution and renegotiation of contracts and amendments, to performance monitoring, analysis and...

4.3CVSS6.2AI score0.00962EPSS
Exploits0References1
OSV
OSV
added 2017/07/19 8:29 p.m.4 views

CVE-2016-6018

IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. IBM X-Force ID: 116738...

4.3CVSS5.9AI score0.00962EPSS
Exploits0References3
Prion
Prion
added 2017/07/19 8:29 p.m.20 views

Code injection

IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. IBM X-Force ID: 116738...

4CVSS6.5AI score0.00962EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2017/07/19 8:29 p.m.25 views

CVE-2016-6018

IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. IBM X-Force ID: 116738...

4.3CVSS4.5AI score0.00962EPSS
Exploits0References3
CVE
CVE
added 2017/07/19 8:0 p.m.44 views

CVE-2016-6018

CVE-2016-6018 affects IBM Emptoris Contract Management 10.0 and 10.1, where detailed error messages in certain features could allow an attacker to obtain additional information for further actions. The vulnerability is characterized as an information disclosure issue (information exposure) with a...

4.3CVSS5.4AI score0.00962EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/07/19 8:0 p.m.23 views

CVE-2016-6018

IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. IBM X-Force ID: 116738...

4.5AI score0.00962EPSS
Exploits0References3
CNVD
CNVD
added 2017/07/17 12:0 a.m.5 views

IBM Emptoris Spend Analysis Cross-Site Scripting Vulnerability (CNVD-2017-24394)

The IBM Emptoris Spend Analysis solution supports organizations in consolidating, cleansing and categorizing spend data from disparate and scattered systems. A cross-site scripting vulnerability in IBM Emptoris Spend Analysis allows users to embed arbitrary JavaScript code in the Web UI, which...

5.4CVSS5.4AI score0.00725EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/17 12:0 a.m.4 views

IBM Emptoris Spend Analysis Cross-Site Scripting Vulnerability

The IBM Emptoris Spend Analysis solution enables organizations to consolidate, cleanse and categorize spend data from disparate and scattered systems. A cross-site scripting vulnerability in IBM Emptoris Spend Analysis allows users to embed arbitrary JavaScript code in the Web UI, which alters th...

5.4CVSS5.4AI score0.00729EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/14 12:0 a.m.4 views

IBM Emptoris Services Procurement Cross-Site Request Forgery Vulnerability

IBM Emptoris Services Procurement is a procurement management system from IBM USA. The system controls and manages the procurement lifecycle for third-party service categories. A cross-site request forgery vulnerability exists in IBM Emptoris Services Procurement version 10.x. A remote attacker...

8.8CVSS8.8AI score0.00668EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/14 12:0 a.m.5 views

IBM Emptoris Services Procurement Cross-Site Scripting Vulnerability

IBM Emptoris Services Procurement is a procurement management system from IBM USA. The system controls and manages the procurement lifecycle for third-party service categories. A cross-site scripting vulnerability exists in IBM Emptoris Services Procurement version 10.x. A remote attacker can...

6.1CVSS6.5AI score0.00977EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/14 12:0 a.m.6 views

IBM Emptoris Strategic Supply Management Platform Cross-Site Scripting Vulnerability

IBM Emptoris Strategic Supply Management is a common Web-based portal access to the Emptoris suite of products management platform from IBM. A cross-site scripting vulnerability exists in IBM Emptoris Strategic Supply Management versions 10.0.0.x through 10.1.1.x. A remote attacker could use this...

5.4CVSS5.5AI score0.00729EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/14 12:0 a.m.2 views

IBM Emptoris Strategic Supply Management Platform Cross-Site Scripting Vulnerability (CNVD-2017-23341)

IBM Emptoris Strategic Supply Management is a common Web-based portal access to the Emptoris suite of products management platform from IBM. A cross-site scripting vulnerability exists in IBM Emptoris Strategic Supply Management versions 10.0.0.x through 10.1.1.x. A remote attacker could use this...

5.4CVSS5.5AI score0.00729EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/14 12:0 a.m.2 views

IBM Emptoris Strategic Supply Management Platform Denial of Service Vulnerability

IBM Emptoris Strategic Supply Management is a common Web-based portal access to the Emptoris suite of products management platform from IBM. A security vulnerability exists in the authentication feature in IBM Emptoris Strategic Supply Management versions 10.0.0.x through 10.1.1.x. The...

7.5CVSS7.6AI score0.02914EPSS
Exploits0References1
Prion
Prion
added 2017/07/13 3:29 p.m.11 views

Cross site scripting

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

3.5CVSS6.1AI score0.00729EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2017/07/13 3:29 p.m.13 views

CVE-2016-6019

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

5.4CVSS5.2AI score0.00729EPSS
Exploits0References3
Prion
Prion
added 2017/07/13 3:29 p.m.10 views

Cross site scripting

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

3.5CVSS6.1AI score0.00729EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/07/13 3:29 p.m.2 views

CVE-2016-6019

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

5.4CVSS5.4AI score0.00729EPSS
Exploits0References3
OSV
OSV
added 2017/07/13 3:29 p.m.2 views

CVE-2016-8952

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trust...

5.4CVSS5.4AI score0.00729EPSS
Exploits0References3
Rows per page
Query Builder