|
267991
|
8.8 |
HIGH
Network
|
ibm
|
spectrum_control
tivoli_storage_productivity_center
|
IBM Tivoli Storage Productivity Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website…
|
CWE-352
Origin Validation Error
|
CVE-2016-8941
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267992
|
6.1 |
MEDIUM
Network
|
ibm
|
social_rendering_templates_for_digital_data_connector
|
IBM Social Rendering Templates for Digital Data Connector is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the int…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8936
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267993
|
5.4 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality poten…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8934
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267994
|
6.1 |
MEDIUM
Network
|
ibm
|
web_content_manager_production_analytics
websphere_portal
|
Exphox WebRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8922
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267995
|
8.8 |
HIGH
Network
|
ibm
|
filenet_workplace_xt
|
IBM FileNet WorkPlace XT could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2016-8921
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267996
|
5.4 |
MEDIUM
Network
|
ibm
|
kenexa_lms_on_cloud
|
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended funct…
|
CWE-79
Cross-site Scripting
|
CVE-2016-8920
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267997
|
5.9 |
MEDIUM
Network
|
ibm
|
integration_bus
|
IBM Integration Bus, under non default configurations, could allow a remote user to authenticate without providing valid credentials.
|
CWE-255
Credentials Management
|
CVE-2016-8918
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267998
|
6.5 |
MEDIUM
Network
|
ibm
|
kenexa_lms_on_cloud
|
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequenc…
|
CWE-22
Path Traversal
|
CVE-2016-8913
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267999
|
4.3 |
MEDIUM
Network
|
ibm
|
kenexa_lms_on_cloud
|
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log files that could be read by an authenticated user.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2016-8912
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268000
|
5.4 |
MEDIUM
Network
|
ibm
|
kenexa_lms_on_cloud
|
IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could…
|
CWE-254
7PK - Security Features
|
CVE-2016-8911
|
2024-11-21 12:00 |
2017-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
