2903 matches found
CVE-2007-5949
Cross-site scripting XSS vulnerability in IBM Tivoli Service Desk 6.2 allows remote authenticated users to inject arbitrary web script or HTML via the Description parameter in a Maximo change action...
CVE-2005-1601
CVE-2005-1601 affects MRO Maximo Self Service 4 and 5, where certain information is stored under the web document root and exposed via file extensions not processed by Tomcat. This allows remote attackers to directly request files (e.g., MXServer.properties) and obtain sensitive information. The ...
CVE-2005-1601
MRO Maximo Self Service 4 and 5 stores certain information under the web document root using file extensions that are not processed by Tomcat, which allows remote attackers to obtain sensitive information via a direct request for the file, such as MXServer.properties...