|
252471
|
8.8 |
HIGH
Network
|
ibm
|
financial_transaction_manager
|
IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allo…
|
CWE-89
SQL Injection
|
CVE-2017-1606
|
2024-11-21 12:22 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252472
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2 could allow an authenticated user to change other user's passwords. IBM X-Force ID: 131290.
|
NVD-CWE-noinfo
|
CVE-2017-1550
|
2024-11-21 12:22 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252473
|
5.4 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentia…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1549
|
2024-11-21 12:22 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252474
|
5.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view…
|
CWE-22
Path Traversal
|
CVE-2017-1548
|
2024-11-21 12:22 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252475
|
5.4 |
MEDIUM
Network
|
ibm
|
websphere_portal
|
IBM Support Tools for Lotus WCM (IBM WebSphere Portal 7.0, 8.0, 8.5 and 9.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI th…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1536
|
2024-11-21 12:22 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252476
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_doors_next_generation
|
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1689
|
2024-11-21 12:22 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252477
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_doors_next_generation
|
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1688
|
2024-11-21 12:22 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252478
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_doors_next_generation
|
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intende…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1678
|
2024-11-21 12:22 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252479
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_doors_next_generation
|
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionalit…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1650
|
2024-11-21 12:22 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252480
|
6.5 |
MEDIUM
Network
|
ibm
|
business_process_manager
|
IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event Manager by calling a REST API with incorrect authorization checks.
|
CWE-863
Incorrect Authorization
|
CVE-2017-1628
|
2024-11-21 12:22 |
2017-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
