Datacap Security Vulnerabilities and Issues — Datacap CVE List

Lucene search

IbmDatacap

8 matches found

CVE•added 2024/07/15 3:15 a.m.•64 views

CVE-2024-39741

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 296010.

5.3CVSS4.7AI score0.00168EPSS

CVE•added 2024/07/14 1:15 p.m.•59 views

CVE-2024-39733

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 295972.

5.5CVSS5.1AI score0.00025EPSS

CVE•added 2024/07/15 3:15 a.m.•53 views

CVE-2024-39735

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00136EPSS

CVE•added 2024/07/15 2:15 a.m.•53 views

CVE-2024-39739

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 296008.

5.4CVSS4.8AI score0.00073EPSS

CVE•added 2024/07/15 2:15 a.m.•50 views

CVE-2024-39737

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 296004.

5.4CVSS5AI score0.00069EPSS

CVE•added 2024/07/15 3:15 a.m.•43 views

CVE-2024-39740

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system. IBM X-Force ID: 296009.

5.3CVSS4.4AI score0.00092EPSS

CVE•added 2025/06/28 1:15 a.m.•8 views

CVE-2024-39730

IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks ...

5.4CVSS6.4AI score0.00033EPSS

CVE•added 2025/06/28 1:15 a.m.•8 views

CVE-2025-36027

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against th...

5.4CVSS6.4AI score0.00029EPSS