CVSS: 6.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-5381
https://notcve.org/view.php?id=CVE-2013-5381
IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to gain privileges via unspecified vectors. IBM Maximo Asset Management 6.2 hasta la versión 6.2.8, y 7.1 hasta 7.1.1.12, y 7.5 anterior a la versión 7.5.0.3 permite a usuarios remotos autenticados obtener privilegios a través de vectores sin especificar. • http://secunia.com/advisories/55068 http://secunia.com/advisories/55070 http://www-01.ibm.com/support/docview.wss?uid=swg1IV35394 http://www-01.ibm.com/support/docview.wss?uid=swg21651085 https://exchange.xforce.ibmcloud.com/vulnerabilities/86932 •
CVSS: 4.0EPSS: 0%CPEs: 16EXPL: 0CVE-2013-3972
https://notcve.org/view.php?id=CVE-2013-3972
IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to obtain sensitive information via unspecified vectors. IBM Maximo Asset Management 7.1 anterior a la versión 7.1.1.12 y 7.5 anterior a la versión 7.5.0.5 permite a usuarios remotos autenticados obtener información sensible a través de vectores sin especificar. • http://secunia.com/advisories/55068 http://www-01.ibm.com/support/docview.wss?uid=swg1IV39089 http://www-01.ibm.com/support/docview.wss?uid=swg21651085 https://exchange.xforce.ibmcloud.com/vulnerabilities/84849 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 22EXPL: 0CVE-2013-0451
https://notcve.org/view.php?id=CVE-2013-0451
SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 through 7.1.1.12 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en IBM Maximo Asset Management 6.2 hasta la versión 6.2.8 y 7.1 hasta la versión 7.1.1.12 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través de vectores sin especificar. • http://secunia.com/advisories/55068 http://secunia.com/advisories/55070 http://www-01.ibm.com/support/docview.wss?uid=swg1IV24726 http://www-01.ibm.com/support/docview.wss?uid=swg21651085 https://exchange.xforce.ibmcloud.com/vulnerabilities/80967 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 3.5EPSS: 0%CPEs: 21EXPL: 0CVE-2013-4019
https://notcve.org/view.php?id=CVE-2013-4019
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 before 7.1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en IBM Maximo Asset Management 6.2 hasta la versión 6.2.8 y 7.1 anterior a 7.1.1.12 permite a usuarios remotos autenticados inyectar script web arbitrario o HTML a través de vectores sin especificar. • http://secunia.com/advisories/55068 http://secunia.com/advisories/55070 http://www-01.ibm.com/support/docview.wss?uid=swg1IV42664 http://www-01.ibm.com/support/docview.wss?uid=swg21651085 https://exchange.xforce.ibmcloud.com/vulnerabilities/85796 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.0EPSS: 0%CPEs: 17EXPL: 0CVE-2013-3049
https://notcve.org/view.php?id=CVE-2013-3049
IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-3971. IBM Maximo Asset Management 7.1 hasta la versión 7.1.1.12 y 7.5 anterior a 7.5.0.5 permite a usuarios remotos autenticados evitar restricciones de acceso intencionadas a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2013-3971. • http://secunia.com/advisories/55068 http://www-01.ibm.com/support/docview.wss?uid=swg1IV37599 http://www-01.ibm.com/support/docview.wss?uid=swg21651085 https://exchange.xforce.ibmcloud.com/vulnerabilities/84847 •