|
267291
|
4.3 |
MEDIUM
Network
|
ibm
|
emptoris_contract_management
|
IBM Emptoris Contract Management 10.0 and 10.1 reveals detailed error messages in certain features that could cause an attacker to gain additional information to conduct further attacks. IBM X-Force …
|
CWE-200
Information Exposure
|
CVE-2016-6018
|
2024-11-21 11:55 |
2017-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267292
|
6.5 |
MEDIUM
Network
|
redhat
|
enterprise_linux
|
The mod_dontdothat component of the mod_dav_svn Apache module in Subversion as packaged in Red Hat Enterprise Linux 5.11 does not properly detect recursion during entity expansion, which allows remot…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2016-6312
|
2024-11-21 11:55 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267293
|
5.4 |
MEDIUM
Network
|
ibm
|
emptoris_strategic_supply_management
|
IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6019
|
2024-11-21 11:55 |
2017-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267294
|
5.4 |
MEDIUM
Network
|
ibm
|
emptoris_sourcing
|
IBM Emptoris Sourcing 9.5.x through 10.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6114
|
2024-11-21 11:55 |
2017-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267295
|
6.1 |
MEDIUM
Network
|
ektron
|
ektron_content_management_system
|
Cross-site scripting (XSS) vulnerability in Ektron Content Management System (CMS) before 9.1.0.184 SP3 (9.1.0.184.3.127) allows remote attackers to inject arbitrary web script or HTML via the ContTy…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6201
|
2024-11-21 11:55 |
2017-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267296
|
6.1 |
MEDIUM
Network
|
bestpractical
|
request_tracker
|
Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2, when the AlwaysDownloadAttachments config setting is not in use, allow…
|
CWE-79
Cross-site Scripting
|
CVE-2016-6127
|
2024-11-21 11:55 |
2017-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267297
|
7.5 |
HIGH
Network
|
fedoraproject
elog_project
|
fedora
elog
|
elog 3.1.1 allows remote attackers to post data as any username in the logbook.
|
CWE-284
Improper Access Control
|
CVE-2016-6342
|
2024-11-21 11:55 |
2017-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267298
|
5.3 |
MEDIUM
Network
|
ibm
|
tivoli_monitoring
|
IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696.
|
CWE-200
Information Exposure
|
CVE-2016-6083
|
2024-11-21 11:55 |
2017-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267299
|
5.5 |
MEDIUM
Local
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 115336.
|
CWE-200
Information Exposure
|
CVE-2016-5893
|
2024-11-21 11:55 |
2017-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267300
|
8.1 |
HIGH
Network
|
ibm
|
tivoli_key_lifecycle_manager
security_key_lifecycle_manager
|
IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
|
CWE-284
Improper Access Control
|
CVE-2016-6098
|
2024-11-21 11:55 |
2017-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
