176 matches found
CVE-2016-5946
Directory traversal vulnerability in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. dot dot in a URL...
CVE-2016-5945
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...
CVE-2016-5945
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...
CVE-2016-5944
Cross-site scripting XSS vulnerability in the Web UI in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string...
CVE-2016-5944
Cross-site scripting XSS vulnerability in the Web UI in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string...
CVE-2016-5943
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors...
Directory traversal
Directory traversal vulnerability in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. dot dot in a URL...
Code injection
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to conduct clickjacking attacks via a crafted web site...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web UI in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string...
Cross site request forgery (csrf)
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...
Design/Logic Flaw
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors...
CVE-2016-5945
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...
CVE-2016-5943
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors...
CVE-2016-5947
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to conduct clickjacking attacks via a crafted web site...
CVE-2016-5946
CVE-2016-5946 affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center). A directory traversal vulnerability allows remote authenticated users to read arbitrary files via a URL containing ".." (dot dot). Affected versions are Spectrum Control 5.2.8 through 5.2.10.1 and Tivoli Sto...
Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
Description Apache Struts is prone to a remote code-execution vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploit attempts may cause a denial-of-service condition. Apache Struts 1.0 through...