NotCVE - vendor:"Ibm" product:"Curam Social Program Management" version:"6.0.5.5"

Page 3 of 24 results (0.005 seconds)

CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2014-4804

https://notcve.org/view.php?id=CVE-2014-4804

14 Feb 2015 — Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion is enabled, allows remote attackers to obtain sensitive user data by visiting an unspecified page. Curam Universal Access en IBM Curam Social Program Management 5.2 anterior a SP6 EP6, 6.0 SP2 anterior a EP26, 6.0.4.5 anterior a iFix007, 6.0.5.4 anterior a iFix005, y 6.0.5.5 anterior a iFix003, cuando la inclusió... • http://www-01.ibm.com/support/docview.wss?uid=swg21695931 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 13EXPL: 0

CVE-2014-4803

https://notcve.org/view.php?id=CVE-2014-4803

13 Feb 2015 — CRLF injection vulnerability in the Universal Access implementation in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix007, and 6.0.5 before 6.0.5.5 iFix003, when WebSphere Application Server is not used, allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via an unspecified parameter. Vulnerabilidad de inyección CRLF en la implementación Universal Access en IBM Curam Social Program Management 6.0 SP2 anterior a EP2... • http://www-01.ibm.com/support/docview.wss?uid=swg21695925 •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-3096

https://notcve.org/view.php?id=CVE-2014-3096

10 Jan 2015 — Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management before 6.0.5.5a allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM Curam Social Program Management anterior a 6.0.5.5a permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg21692994 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-3069

https://notcve.org/view.php?id=CVE-2014-3069

12 Aug 2014 — Multiple CRLF injection vulnerabilities in the Universal Access component in IBM Curam Social Program Management (SPM) 6.0.5.5, when WebSphere Application Server is not used, allow remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified parameters. Múltiples vulnerabilidades de inyección CRLF en el componente Universal Access en IBM Curam Social Program Management (SPM) 6.0.5.5, cuando WebSphere Application Server no está utilizado, permiten a ... • http://secunia.com/advisories/59688 •

1 2 3