CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5409
https://notcve.org/view.php?id=CVE-2013-5409
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Múltiples vulnerabilidades de inyección SQL en IBM Sterling Integrator 5.2 y Sterling File Gateway 2.2 permite a usuarios remotos autenticados ejecutar comandos SQL de forma arbitraria a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC96049 http://www-01.ibm.com/support/docview.wss?uid=swg21657539 https://exchange.xforce.ibmcloud.com/vulnerabilities/87358 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5411
https://notcve.org/view.php?id=CVE-2013-5411
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended navigation or actions via unspecified vectors. IBM Sterling B2B Integrator 5.2 y Sterling File Gateway 2.2 permite a atacantes remotos inyectar enlaces y disparar navegación o acciones no contempladas a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC96059 http://www-01.ibm.com/support/docview.wss?uid=swg21657539 https://exchange.xforce.ibmcloud.com/vulnerabilities/87360 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5413
https://notcve.org/view.php?id=CVE-2013-5413
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remote attackers to bypass authentication by leveraging an unattended workstation. IBM Sterling B2B Integrator 5.2 y Sterling File Gateway 2.2 no invalidan la sesión en una acción de logout, lo cual permite a atacantes remotos sortear la autenticación aprovechando una estación desatendida. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC96051 http://www-01.ibm.com/support/docview.wss?uid=swg21657539 https://exchange.xforce.ibmcloud.com/vulnerabilities/87362 • CWE-287: Improper Authentication •
CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5405
https://notcve.org/view.php?id=CVE-2013-5405
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters. Múltiples vulnerabilidades cross-site scripting (XSS) en IBM Sterling B2B Integrator 5.2 y Sterling File Gateway 2.2 permiten a usuarios remotos autenticados inyectar script web o HTML de forma arbitraria a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC96053 http://www-01.ibm.com/support/docview.wss?uid=swg21657539 http://www.securityfocus.com/bid/64443 https://exchange.xforce.ibmcloud.com/vulnerabilities/87354 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5406
https://notcve.org/view.php?id=CVE-2013-5406
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, leading to improper interaction with the Windows MHTML protocol handler. Múltiples vulnerabilidades cross-site scripting (XSS) en IBM Sterling B2B Integrator 5.2 y Sterling File Gateway 2.2 permite a usuarios remotos autenticados inyectar script web o HTML de forma arbitraria a través de parámetros no especificados, llevando a una interacción inapropiada con el manejador de protocolo Windows MHTML. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC96055 http://www-01.ibm.com/support/docview.wss?uid=swg21657539 http://www.securityfocus.com/bid/64446 https://exchange.xforce.ibmcloud.com/vulnerabilities/87355 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •