Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
IbmEmptoris Strategic Supply Management10.1.1.10

8 matches found

CVE
CVEadded 2017/08/09 6:29 p.m.52 views

CVE-2017-1448

IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redir...

5.4CVSS5.4AI score0.00119EPSS
CVE
CVEadded 2017/08/09 6:29 p.m.42 views

CVE-2016-8949

IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redir...

5.4CVSS5.4AI score0.00119EPSS
CVE
CVEadded 2017/07/13 3:29 p.m.40 views

CVE-2016-8952

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00269EPSS
CVE
CVEadded 2017/09/05 9:29 p.m.37 views

CVE-2017-1097

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 120657.

8.8CVSS8.7AI score0.00151EPSS
CVE
CVEadded 2017/08/09 6:29 p.m.36 views

CVE-2016-6121

IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X...

5.4CVSS5.3AI score0.00269EPSS
CVE
CVEadded 2017/07/24 9:29 p.m.31 views

CVE-2016-6118

IBM Emptoris Supplier Lifecycle Management 10.1.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID...

5.4CVSS5.6AI score0.00269EPSS
CVE
CVEadded 2017/07/13 3:29 p.m.31 views

CVE-2016-8951

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to a denial of service attack. An attacker can exploit a vulnerability in the authentication features that could log out users and flood user accounts with emails. IBM X-Force ID: 118838.

7.5CVSS7.3AI score0.00674EPSS
CVE
CVEadded 2017/07/13 3:29 p.m.29 views

CVE-2016-6019

IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

5.4CVSS5.2AI score0.00269EPSS