NotCVE - vendor:"Ibm" product:"Curam Social Program Management" version:" >= 6.0.5.0 <= 6.0.5.9"

Page 6 of 28 results (0.004 seconds)

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-3069

https://notcve.org/view.php?id=CVE-2014-3069

Multiple CRLF injection vulnerabilities in the Universal Access component in IBM Curam Social Program Management (SPM) 6.0.5.5, when WebSphere Application Server is not used, allow remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified parameters. Múltiples vulnerabilidades de inyección CRLF en el componente Universal Access en IBM Curam Social Program Management (SPM) 6.0.5.5, cuando WebSphere Application Server no está utilizado, permiten a usuarios remotos autenticados inyectar cabeceras HTTP arbitrarias y realizar ataques de división de respuestas HTTP a través de parámetros no especificados. • http://secunia.com/advisories/59688 http://www-01.ibm.com/support/docview.wss?uid=swg21681213 https://exchange.xforce.ibmcloud.com/vulnerabilities/94839 •

CVSS: 3.5EPSS: 0%CPEs: 17EXPL: 0

CVE-2014-3013

https://notcve.org/view.php?id=CVE-2014-3013

Multiple cross-site scripting (XSS) vulnerabilities in IBM Curam Social Program Management 4.5 SP10 through 6.0.5.4 allow remote authenticated users to inject arbitrary web script or HTML via crafted input to a (1) custom JSP or (2) custom renderer. Múltiples vulnerabilidades de XSS en IBM Curam Social Program Management 4.5 SP10 hasta 6.0.5.4 permiten a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de entradas manipuladas en un renderizador (1) custom JSP o (2) custom. • http://secunia.com/advisories/59259 http://www-01.ibm.com/support/docview.wss?uid=swg21675415 https://exchange.xforce.ibmcloud.com/vulnerabilities/93011 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.5EPSS: 0%CPEs: 15EXPL: 0

CVE-2014-3012

https://notcve.org/view.php?id=CVE-2014-3012

Multiple CRLF injection vulnerabilities in IBM Curam Social Program Management 5.2 SP1 through 6.0.5.4 allow remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified parameters to custom JSPs. Múltiples vulnerabilidades de inyección CRLF en IBM Curam Social Program Management 5.2 SP1 hasta 6.0.5.4 permiten a usuarios remotos autenticados inyectar cabeceras HTTP arbitrarias y realizar ataques de división de respuesta HTTP a través de parámetros no especificados en custom JSPs. • http://secunia.com/advisories/59257 http://www-01.ibm.com/support/docview.wss?uid=swg21675454 https://exchange.xforce.ibmcloud.com/vulnerabilities/93010 •

1...4 5 6