Lucene search
+L

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-14090

Malware in sbrugna...

9.8CVSS7.9AI score0.01959EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-13915

Malware in sbrugna...

4.3CVSS4.8AI score0.00994EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/06 7:30 a.m.12 views

Security Bulletin: Information Disclosure Vulnerability Affects IBM Emptoris Spend Analysis (CVE-2020-4897)

Summary Verbose application errors information disclosure affects IBM Emptoris Spend Analysis. Vulnerability Details CVEID: CVE-2020-4897 DESCRIPTION: IBM Emptoris could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Thi...

5.3CVSS5.3AI score0.01578EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/03 9:54 a.m.39 views

Security Bulletin: jQuery Vulnerabilities Affect IBM Emptoris Spend Analysis (CVE-2020-11023, CVE-2020-11022)

Summary jQuery security vulnerabilities affect IBM Emptoris Spend Analysis. Vulnerability Details CVEID: CVE-2020-11023 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this...

6.9CVSS7.2AI score0.99019EPSS
Exploits11Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/19 6:28 a.m.22 views

Security Bulletin: SQL Injection Affects IBM Emptoris Spend Analysis (CVE-2019-4752)

Summary SQL Injection affects IBM Emptoris Spend Analysis. Vulnerability Details CVEID: CVE-2019-4752 DESCRIPTION: IBM Emptoris Strategic Supply Management Platform is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to vie...

8.8CVSS9.1AI score0.01295EPSS
Exploits0Affected Software1
Prion
Prion
added 2019/08/20 8:15 p.m.12 views

Cross site scripting

IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...

3.5CVSS5.2AI score0.00673EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/08/20 7:15 p.m.4 views

CVE-2019-4481

IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IB...

9.8CVSS5.9AI score0.01959EPSS
Exploits0References2
OSV
OSV
added 2019/08/20 7:15 p.m.4 views

CVE-2019-4308

IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 10.1.0 through 10.1.3, and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 could allow an authenticated user to obtain sensitive information from error messages IBM X-Force ID: 161034...

4.3CVSS5.8AI score0.00994EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/07/02 2:57 p.m.14 views

Security Bulletin: Cross-Site Scripting Vulnerability Affects IBM Emptoris Spend Analysis

Summary A cross-site scripting vulnerability in IBM Emptoris Spend Analysis could allow an attacker to execute a script in a victim's Web browser Vulnerability Details IBM Emptoris Spend Analysis is vulnerable to cross-site scripting, caused by improper validation of user supplied input. A remote...

0.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 8:10 p.m.18 views

Security Bulletin: Vulnerability in IBM WebSphere Application Server affects IBM Emptoris Contract Management ,IBM Emptoris Sourcing and IBM Emptoris Spend Analysis (CVE-2017-1194)

Summary The IBM Emptoris Contract Management ,IBM Emptoris Sourcing and IBM Emptoris Spend Analysis products are affected by a vulnerability that exists in the IBM WebSphere Application Server. The security bulletin includes issues disclosed as part of the IBM WebSphere Application Server updates...

8.8CVSS8.6AI score0.00877EPSS
Exploits0Affected Software3
CNVD
CNVD
added 2017/07/17 12:0 a.m.5 views

IBM Emptoris Spend Analysis Cross-Site Scripting Vulnerability (CNVD-2017-24394)

The IBM Emptoris Spend Analysis solution supports organizations in consolidating, cleansing and categorizing spend data from disparate and scattered systems. A cross-site scripting vulnerability in IBM Emptoris Spend Analysis allows users to embed arbitrary JavaScript code in the Web UI, which...

5.4CVSS5.4AI score0.00725EPSS
Exploits0References1
NVD
NVD
added 2014/08/26 2:55 p.m.19 views

CVE-2014-3035

Cross-site scripting XSS vulnerability in IBM Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

3.5CVSS5.1AI score0.00936EPSS
Exploits0References3
NVD
NVD
added 2014/08/26 2:55 p.m.18 views

CVE-2014-3061

Cross-site request forgery CSRF vulnerability in IBM Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...

6.8CVSS6.5AI score0.00626EPSS
Exploits0References3
Prion
Prion
added 2014/08/26 2:55 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

3.5CVSS5.4AI score0.00936EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2014/08/26 2:55 p.m.13 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in IBM Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...

6.8CVSS6.8AI score0.00626EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/08/26 2:0 p.m.21 views

CVE-2014-3061

Cross-site request forgery CSRF vulnerability in IBM Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...

6.5AI score0.00626EPSS
Exploits0References3
Cvelist
Cvelist
added 2014/08/26 2:0 p.m.28 views

CVE-2014-3035

Cross-site scripting XSS vulnerability in IBM Emptoris Spend Analysis 9.5.x before 9.5.0.4, 10.0.1.x before 10.0.1.3, and 10.0.2.x before 10.0.2.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

5.1AI score0.00936EPSS
Exploits0References3
Rows per page
Query Builder