Lucene search
K

69 matches found

OSV
OSV
added 2017/08/31 2:29 p.m.4 views

CVE-2017-1447

IBM Emptoris Sourcing 9.5 - 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128172...

5.4CVSS5.4AI score0.0054EPSS
Exploits0References2
Prion
Prion
added 2017/07/05 6:29 p.m.15 views

Cross site scripting

IBM Jazz Foundation Reporting Service JRS 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

3.5CVSS6.2AI score0.00717EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/04/14 4:59 p.m.2 views

CVE-2016-8927

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

5.4CVSS5.4AI score0.00538EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/04/12 2:31 p.m.7 views

CloudForms: UI security issue on Openstack actions

A number of unused delete routes are present in CloudForms which can be accessed via GET requests instead of just POST requests. This could allow an attacker to bypass the protectfromforgery XSRF protection causing the routes to be used. This attack would require additional cross-site scripting o...

6.5CVSS5.6AI score0.01387EPSS
Exploits0References4
CNVD
CNVD
added 2017/02/14 12:0 a.m.5 views

IBM Rational Team Concert Cross-Site Scripting Vulnerability (CNVD-2017-01676)

IBM Rational Team Concert RTC is the U.S. IBM's set of Jazz-based platform and support for decentralized teams for real-time collaboration related to software lifecycle management solutions. A cross-site scripting vulnerability exists in IBM RTC. An attacker could exploit this vulnerability to...

5.4CVSS6.2AI score0.00613EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/08/31 5:0 p.m.20 views

CVE-2012-6603

The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034...

7AI score0.04407EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/02/06 12:0 a.m.21 views

RuggedCom RuggedOS < 3.12.1 Web UI Multiple Security Vulnerabilities

Binary data scadaruggedoshttp3121.nbin...

7.3AI score
Exploits0References2
OSV
OSV
added 2011/04/18 6:55 p.m.5 views

CVE-2011-1716

Multiple cross-site scripting XSS vulnerabilities in the Web UI in Xymon before 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.8AI score
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.25 views

Mandrake Linux Security Advisory : xine-ui (MDKSA-2004:033)

Shaun Colley discovered a temporary file vulnerability in the xine-check script packaged in xine-ui. This problem could allow local attackers to overwrite arbitrary files with the privileges of the user invoking the script. The updated packages change the location of where temporary files are...

2.1CVSS5.6AI score0.00342EPSS
Exploits0References1
Rows per page
Query Builder