212 matches found
IBM Tivoli Storage Productivity Center and IBM Spectrum Control Cross-Site Request Forgery Vulnerability
IBM Tivoli Storage Productivity Center and IBM Spectrum Control are both storage resource management software from IBM USA. A cross-site request forgery vulnerability exists in IBM Tivoli Storage Productivity Center versions 5.2.0 through 5.2.7.1 and IBM Spectrum Control versions 5.2.8 through...
CVE-2016-5947
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to conduct clickjacking attacks via a crafted web site...
CVE-2016-5947
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to conduct clickjacking attacks via a crafted web site...
CVE-2016-5946
Directory traversal vulnerability in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. dot dot in a URL...
CVE-2016-5946
Directory traversal vulnerability in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. dot dot in a URL...
CVE-2016-5945
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...
CVE-2016-5945
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...
CVE-2016-5944
Cross-site scripting XSS vulnerability in the Web UI in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string...
CVE-2016-5944
Cross-site scripting XSS vulnerability in the Web UI in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string...
CVE-2016-5943
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors...
CVE-2016-5943
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors...
Directory traversal
Directory traversal vulnerability in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to read arbitrary files via a .. dot dot in a URL...
Design/Logic Flaw
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to bypass intended access restrictions, and read task details or edit properties, via unspecified vectors...
Code injection
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to conduct clickjacking attacks via a crafted web site...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web UI in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string...
Cross site request forgery (csrf)
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...
CVE-2016-5947
IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 is affected by a clickjacking vulnerability that can be exploited by a remote, authenticated user via a crafted web site. The issue affects IBM Spectrum Control / Tivoli Storage Productivity Center 5.2.8–5.2.10...
CVE-2016-5945
CVE-2016-5945 affects IBM Spectrum Control (formerly Tivoli Storage Productivity Center) versions 5.2.8–5.2.10.1 and Tivoli Storage Productivity Center 5.2.0–5.2.7.1. The vulnerability allows remote authenticated users to upload non-executable files by sending a crafted HTTP request. The IBM Secu...
CVE-2016-5947
IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to conduct clickjacking attacks via a crafted web site...
CVE-2016-5944
Cross-site scripting XSS vulnerability in the Web UI in IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string...