4 results (0.034 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el servidor Collaborative Information Manager, como el usado en TIBCO Collaborative Information Manager anteriores a v8.1.0 y ActiveCatalog anteriores a v1.0.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://osvdb.org/70372 http://secunia.com/advisories/42791 http://www.securityfocus.com/bid/45691 http://www.securitytracker.com/id?1024942 http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp http://www.vupen.com/english/advisories/2011/0037 https://exchange.xforce.ibmcloud.com/vulnerabilities/64521 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to hijack web sessions via unspecified vectors. Vulnerabilidad de fijación de sesión en el servidor Collaborative Information Manager, como el usado den TIBCO Collaborative Información Manager anteriores a v8.1.0 y ActiveCatalog anteriores a v1.0.1 permite a atacantes remotos secuestrar sesiones web a través de vectores sin expecificar. • http://osvdb.org/70374 http://secunia.com/advisories/42791 http://www.securityfocus.com/bid/45691 http://www.securitytracker.com/id?1024942 http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp http://www.vupen.com/english/advisories/2011/0037 https://exchange.xforce.ibmcloud.com/vulnerabilities/64523 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

Multiple SQL injection vulnerabilities in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allow remote attackers to execute arbitrary SQL commands via unspecified vectors. Múltiples vulnerabilidades de inyección SQL en Collaborative Information Manager, como el que se usa en TIBCO Collaborative Information Manager anteriores a v8.1.0 y ActiveCatalog anteriores a 1.0.1, permite a atacantes remotos ejecutar comandos SQL a través de vectores no especificados. • http://osvdb.org/70371 http://secunia.com/advisories/42791 http://www.securityfocus.com/bid/45691 http://www.securitytracker.com/id?1024942 http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp http://www.vupen.com/english/advisories/2011/0037 https://exchange.xforce.ibmcloud.com/vulnerabilities/64520 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0

Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL. Vulnerabilidad no especificada en Collaborative Information Manager, como el usado en TIBCO Collaborative Information Manager anteriores a v8.1.0 y ActiveCatalog anteriores a v1.0.1, permite a atacantes remotos la modificación de datos u obtener información sensible a través de una URL manipulada. • http://osvdb.org/70373 http://secunia.com/advisories/42791 http://www.securityfocus.com/bid/45691 http://www.securitytracker.com/id?1024942 http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt http://www.tibco.com/services/support/advisories/cim-advisory_20100105.jsp http://www.vupen.com/english/advisories/2011/0037 https://exchange.xforce.ibmcloud.com/vulnerabilities/64522 •