Lucene search
K

2427 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/17 9:31 p.m.6 views

CVE-2025-36348

IBM Sterling B2B Integrator versions 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 through 6.2.1.1, and IBM Sterling File Gateway versions 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 through 6.2.1.1 may expose sensitive information to a remote privileged attack...

4.9CVSS5.5AI score0.00298EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/02/17 12:0 a.m.7 views

PT-2026-20249

Name of the Vulnerable Software and Affected Versions IBM Sterling B2B Integrator versions 6.1.0.0 through 6.1.2.7 2 IBM Sterling B2B Integrator versions 6.2.0.0 through 6.2.0.5 IBM Sterling B2B Integrator versions 6.2.1.0 through 6.2.1.1 IBM Sterling File Gateway versions 6.1.0.0 through 6.1.2.7...

4.9CVSS5.4AI score0.00298EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/05 8:50 p.m.7 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway is Vulnerable to Denial of Service due to IBM Liberty Server (CVE-2025-36000)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the denial-of-service security vulnerability Vulnerability Details CVEID:CVE-2025-36000 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 is vulnerable to stored cross-site scripting. Th...

4.8CVSS5.1AI score0.00165EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/05 4:31 p.m.8 views

Security Bulletin: The Dashboard of IBM Sterling B2B Integrator and IBM Sterling File Gateway is Vulnerable to Information Disclosure (CVE-2025-36348)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the information disclosure vulnerability Vulnerability Details CVEID:CVE-2025-36348 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway could allow a remote privileged attacker to obtain sensitive...

4.9CVSS5.5AI score0.00298EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.5 views

CVE-2025-68883

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Reflected XSS.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...

7.1CVSS5.4AI score0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:16 p.m.5 views

CVE-2025-68883

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Reflected XSS.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...

7.1CVSS0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:52 p.m.2 views

CVE-2025-68883 WordPress bidorbuy Store Integrator plugin <= 2.12.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Reflected XSS.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...

7.1CVSS5.9AI score0.00175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:52 p.m.2 views

CVE-2025-68883

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Reflected XSS.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...

7.1CVSS5.3AI score0.00175EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/22 4:52 p.m.18 views

CVE-2025-68883 WordPress bidorbuy Store Integrator plugin <= 2.12.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Reflected XSS.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...

7.1CVSS0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:52 p.m.9 views

CVE-2025-68883

CVE-2025-68883 concerns the WordPress plugin bidorbuy Store Integrator (bidorbuystoreintegrator). A Reflected Cross-Site Scripting (XSS) vulnerability exists in versions up to and including 2.12.0, caused by improper neutralization of user-supplied input during web page generation. Impact is Refl...

7.1CVSS5.4AI score0.00175EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.7 views

WordPress Plugin Bidorbuy Store Integrator Cross-Site Script Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.1CVSS5.7AI score0.00175EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.6 views

PT-2026-4096

Name of the Vulnerable Software and Affected Versions extremeidea bidorbuy Store Integrator versions through 2.12.0 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-site Scripting XSS condition...

5.3AI score0.00175EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/21 3:27 p.m.10 views

CVE-2025-36113

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

5.4CVSS5.1AI score0.00144EPSS
Exploits0References1
OSV
OSV
added 2026/01/20 4:16 p.m.3 views

CVE-2025-36065

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2026/01/20 4:16 p.m.7 views

CVE-2025-36066

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadi...

6.1CVSS5.4AI score0.00172EPSS
Exploits0References1
NVD
NVD
added 2026/01/20 4:16 p.m.6 views

CVE-2025-36065

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system...

6.5CVSS0.00158EPSS
Exploits0References1
NVD
NVD
added 2026/01/20 4:16 p.m.11 views

CVE-2025-36115

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0.00 through 5.2.0.12 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system...

6.5CVSS0.00135EPSS
Exploits0References1
OSV
OSV
added 2026/01/20 4:16 p.m.6 views

CVE-2025-36063

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system...

6.5CVSS5.8AI score0.00145EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/20 3:18 p.m.4 views

CVE-2025-36115

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0.00 through 5.2.0.12 does not disallow the session id after use which could allow an authenticated user to impersonate another user on the system...

6.5CVSS5.3AI score0.00135EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/20 3:15 p.m.5 views

CVE-2025-36113 Multiple vulnerabilities were addressed in IBM Sterling Connect:Express for UNIX.

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

5.4CVSS5.1AI score0.00144EPSS
Exploits0References1
Rows per page
Query Builder