2897 matches found
CVE-2024-35148 IBM Maximo Application Suite SQL injection
IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database...
CVE-2024-35148
Summary of CVE-2024-35148 : IBM Maximo Application Suite – Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements to view, add, modify, or delete data in the back-end database. Affected Monitor Component versions include 8.10.10, 8.11.7, an...
CVE-2024-35144 IBM Maximo Application Suite information disclosure
IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system...
CVE-2024-35144
The CVE-2024-35144 case affects IBM Maximo Application Suite Monitor Component (versions 8.10, 8.11, 9.0). Description: the Monitor Component stores source code on the web server, creating potential disclosure of sensitive information (CWE-540). Impact is information disclosure that could aid fur...
CVE-2024-35144 IBM Maximo Application Suite information disclosure
IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system...
CVE-2024-35145 IBM Maximo Application Suite cross-site scripting
IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
CVE-2024-35145
CVE-2024-35145 affects IBM Maximo Application Suite — Monitor Component (v9.0.0). The issue is a cross-site scripting vulnerability that lets an unauthenticated attacker embed JavaScript in the Web UI, potentially leading to credentials disclosure within a trusted session. Root cause: insufficien...
CVE-2024-35145 IBM Maximo Application Suite cross-site scripting
IBM Maximo Application Suite 9.0.0 - Monitor Component is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...
IBM Maximo Application Suite 安全漏洞
IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. IBM Maximo Application Suite has an input validation error vulnerability that stems from not neutralizin...
IBM Maximo Application Suite SQL注入漏洞
IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. An SQL injection vulnerability exists in IBM Maximo Application Suite. The vulnerability stems from the...
IBM Maximo Application Suite 跨站脚本漏洞
IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Maximo Application Suite version 9.0.0. The...
PT-2025-2434 · Ibm · Ibm Maximo Application Suite
Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite versions 8.10.10 through 9.0 Description: The issue allows a remote attacker to send specially crafted SQL statements, potentially enabling them to view, add, modify, or delete information in the back-end database...
PT-2025-2432 · Ibm · Ibm Maximo Application Suite
Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite versions 8.10 through 9.0 Description: The issue is related to the Monitor Component of the IBM Maximo Application Suite, which stores source code on the web server. This could aid in further attacks against the...
PT-2025-2435 · Ibm · Ibm Maximo Application Suite
Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite versions 8.10.12 through 9.1.0 Description: The issue is related to the Monitor Component of the IBM Maximo Application Suite, which fails to properly handle log output. This could allow a remote attacker to injec...
PT-2025-2433 · Ibm · Ibm Maximo Application Suite
Name of the Vulnerable Software and Affected Versions: IBM Maximo Application Suite version 9.0.0 Description: The issue is related to cross-site scripting, allowing an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and...
IBM Maximo Application Suite 安全漏洞
IBM Maximo Application Suite is a single platform for intelligent asset management, monitoring, maintenance, computer vision, security and reliability from International Business Machines IBM. An information disclosure vulnerability exists in IBM Maximo Application Suite that stems from allowing...
CVE-2024-45077
IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system...
CVE-2024-45077
IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system...
CVE-2024-45077 IBM Maximo Asset Management file upload
IBM Maximo Asset Management 7.6.1.3 MXAPIASSET API is vulnerable to unrestricted file upload which allows authenticated low privileged user to upload restricted file types with a simple method of adding a dot to the end of the file name if Maximo is installed on Windows operating system...
CVE-2024-45077
CVE-2024-45077 affects IBM Maximo Asset Management 7.6.1.3 via the MXAPIASSET API. The issue is an unrestricted file upload vulnerability that lets an authenticated, low-privilege user upload restricted file types by appending a dot to the end of the filename when Maximo runs on Windows. CVSS v3....