Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ibm tririga application platform 3.4.2.1 vulnerabilities and exploits

(subscribe to this query)
490
VMScore
CVE-2016-0300
IBM TRIRIGA Application Platform 3.3 prior to 3.3.2.6, 3.4 prior to 3.4.2.3, and 3.5 prior to 3.5.0.1 might allow remote malicious users to access arbitrary JSP pages via vectors related to improper input validation. IBM X-Force ID: 111412.
Ibm Tririga Application Platform 3.3.0.2Ibm Tririga Application Platform 3.3.1.1Ibm Tririga Application Platform 3.3.2.5Ibm Tririga Application Platform 3.4.1.1Ibm Tririga Application Platform 3.3.1.3Ibm Tririga Application Platform 3.3.2.0Ibm Tririga Application Platform 3.3.2.1Ibm Tririga Application Platform 3.3.2.3Ibm Tririga Application Platform 3.3.1.0Ibm Tririga Application Platform 3.3.1.2Ibm Tririga Application Platform 3.3.2.4Ibm Tririga Application Platform 3.4.0.0Ibm Tririga Application Platform 3.4.1.2Ibm Tririga Application Platform 3.5.0.0Ibm Tririga Application Platform 3.3.0.0Ibm Tririga Application Platform 3.3.0.1Ibm Tririga Application Platform 3.4.1.3Ibm Tririga Application Platform 3.4.2.0Ibm Tririga Application Platform 3.4.2.1Ibm Tririga Application Platform 3.4.2.2
534
VMScore
CVE-2016-0386
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 prior to 3.3.2.6, 3.4 prior to 3.4.2.4, and 3.5 prior to 3.5.0.2 allows remote authenticated users to hijack the authentication of administrators for requests that delete employees.
Ibm Tririga Application Platform 3.5.0.0Ibm Tririga Application Platform 3.4.2.2Ibm Tririga Application Platform 3.3.2.5Ibm Tririga Application Platform 3.3.2.3Ibm Tririga Application Platform 3.3.1.1Ibm Tririga Application Platform 3.3.0.2Ibm Tririga Application Platform 3.3.0.0Ibm Tririga Application Platform 3.4.2.0Ibm Tririga Application Platform 3.4.1.3Ibm Tririga Application Platform 3.4.1.2Ibm Tririga Application Platform 3.4.1.1Ibm Tririga Application Platform 3.5.0.1Ibm Tririga Application Platform 3.3.2.1Ibm Tririga Application Platform 3.3.2.0Ibm Tririga Application Platform 3.3.1.3Ibm Tririga Application Platform 3.3.1.2Ibm Tririga Application Platform 3.4.2.3Ibm Tririga Application Platform 3.4.2.1Ibm Tririga Application Platform 3.4.0.0Ibm Tririga Application Platform 3.3.2.4Ibm Tririga Application Platform 3.3.1.0Ibm Tririga Application Platform 3.3.0.1
356
VMScore
CVE-2016-2882
IBM TRIRIGA Application Platform 3.3 prior to 3.3.2.6, 3.4 prior to 3.4.2.4, and 3.5 prior to 3.5.0.2 allows remote authenticated users to obtain sensitive information by reading HTTP responses.
Ibm Tririga Application Platform 3.5.0.0Ibm Tririga Application Platform 3.4.2.3Ibm Tririga Application Platform 3.4.0.0Ibm Tririga Application Platform 3.4.2.2Ibm Tririga Application Platform 3.4.2.1Ibm Tririga Application Platform 3.3.2.4Ibm Tririga Application Platform 3.3.2.3Ibm Tririga Application Platform 3.3.0.2Ibm Tririga Application Platform 3.3.0.1Ibm Tririga Application Platform 3.4.2.0Ibm Tririga Application Platform 3.4.1.3Ibm Tririga Application Platform 3.3.2.1Ibm Tririga Application Platform 3.3.2.0Ibm Tririga Application Platform 3.3.0.0Ibm Tririga Application Platform 3.3.2.5Ibm Tririga Application Platform 3.3.1.1Ibm Tririga Application Platform 3.3.1.0Ibm Tririga Application Platform 3.5.0.1Ibm Tririga Application Platform 3.4.1.2Ibm Tririga Application Platform 3.4.1.1Ibm Tririga Application Platform 3.3.1.3Ibm Tririga Application Platform 3.3.1.2
312
VMScore
CVE-2016-2883
Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 prior to 3.3.2.6, 3.4 prior to 3.4.2.4, and 3.5 prior to 3.5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-03...
Ibm Tririga Application Platform 3.5.0.1Ibm Tririga Application Platform 3.4.1.2Ibm Tririga Application Platform 3.4.1.1Ibm Tririga Application Platform 3.3.1.3Ibm Tririga Application Platform 3.3.1.2Ibm Tririga Application Platform 3.5.0.0Ibm Tririga Application Platform 3.4.2.3Ibm Tririga Application Platform 3.4.0.0Ibm Tririga Application Platform 3.3.2.5Ibm Tririga Application Platform 3.3.1.1Ibm Tririga Application Platform 3.3.1.0Ibm Tririga Application Platform 3.4.2.2Ibm Tririga Application Platform 3.4.2.1Ibm Tririga Application Platform 3.3.2.4Ibm Tririga Application Platform 3.3.2.3Ibm Tririga Application Platform 3.3.0.2Ibm Tririga Application Platform 3.3.0.1Ibm Tririga Application Platform 3.4.2.0Ibm Tririga Application Platform 3.4.1.3Ibm Tririga Application Platform 3.3.2.1Ibm Tririga Application Platform 3.3.2.0Ibm Tririga Application Platform 3.3.0.0
312
VMScore
CVE-2016-0387
Cross-site scripting (XSS) vulnerability in IBM TRIRIGA Application Platform 3.3 prior to 3.3.2.6, 3.4 prior to 3.4.2.4, and 3.5 prior to 3.5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-28...
Ibm Tririga Application Platform 3.4.2.2Ibm Tririga Application Platform 3.4.2.1Ibm Tririga Application Platform 3.3.2.1Ibm Tririga Application Platform 3.3.2.0Ibm Tririga Application Platform 3.3.0.1Ibm Tririga Application Platform 3.3.0.0Ibm Tririga Application Platform 3.4.2.0Ibm Tririga Application Platform 3.4.1.2Ibm Tririga Application Platform 3.3.1.2Ibm Tririga Application Platform 3.3.1.1Ibm Tririga Application Platform 3.3.2.4Ibm Tririga Application Platform 3.4.0.0Ibm Tririga Application Platform 3.5.0.1Ibm Tririga Application Platform 3.4.1.3Ibm Tririga Application Platform 3.4.1.1Ibm Tririga Application Platform 3.3.2.3Ibm Tririga Application Platform 3.3.2.5Ibm Tririga Application Platform 3.5.0.0Ibm Tririga Application Platform 3.4.2.3Ibm Tririga Application Platform 3.4.1.0Ibm Tririga Application Platform 3.4.0.1Ibm Tririga Application Platform 3.3.2.2
356
VMScore
CVE-2016-0362
IBM TRIRIGA Application Platform 3.3 prior to 3.3.2.6, 3.4 prior to 3.4.2.4, and 3.5 prior to 3.5.0.2 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet or Internet hosts, via a crafted proxy ...
Ibm Tririga Application Platform 3.4.1.3Ibm Tririga Application Platform 3.4.1.1Ibm Tririga Application Platform 3.3.2.4Ibm Tririga Application Platform 3.3.2.2Ibm Tririga Application Platform 3.3.2.0Ibm Tririga Application Platform 3.3.0.2Ibm Tririga Application Platform 3.3.0.0Ibm Tririga Application Platform 3.5.0.0Ibm Tririga Application Platform 3.4.2.3Ibm Tririga Application Platform 3.4.2.2Ibm Tririga Application Platform 3.4.2.1Ibm Tririga Application Platform 3.3.1.3Ibm Tririga Application Platform 3.3.1.2Ibm Tririga Application Platform 3.3.1.1Ibm Tririga Application Platform 3.3.1.0Ibm Tririga Application Platform 3.4.1.0Ibm Tririga Application Platform 3.4.0.1Ibm Tririga Application Platform 3.4.0.0Ibm Tririga Application Platform 3.3.2.5Ibm Tririga Application Platform 3.5.0.1Ibm Tririga Application Platform 3.4.2.0Ibm Tririga Application Platform 3.4.1.2
578
VMScore
CVE-2016-0374
The builder tools in IBM TRIRIGA Application Platform 3.3 prior to 3.3.2.6, 3.4 prior to 3.4.2.4, and 3.5 prior to 3.5.0.2 allow remote authenticated users to gain privileges for application modification via unspecified vectors.
Ibm Tririga Application Platform 3.5.0.1Ibm Tririga Application Platform 3.5.0.0Ibm Tririga Application Platform 3.4.2.3Ibm Tririga Application Platform 3.4.2.2Ibm Tririga Application Platform 3.3.2.1Ibm Tririga Application Platform 3.3.2.0Ibm Tririga Application Platform 3.3.1.3Ibm Tririga Application Platform 3.3.1.2Ibm Tririga Application Platform 3.3.1.1Ibm Tririga Application Platform 3.4.2.0Ibm Tririga Application Platform 3.4.1.2Ibm Tririga Application Platform 3.3.2.5Ibm Tririga Application Platform 3.3.2.3Ibm Tririga Application Platform 3.3.1.0Ibm Tririga Application Platform 3.3.0.1Ibm Tririga Application Platform 3.4.1.1Ibm Tririga Application Platform 3.4.1.0Ibm Tririga Application Platform 3.4.0.1Ibm Tririga Application Platform 3.4.0.0Ibm Tririga Application Platform 3.4.2.1Ibm Tririga Application Platform 3.4.1.3Ibm Tririga Application Platform 3.3.2.4
312
VMScore
CVE-2016-9737
IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: ...
Ibm Tririga Application Platform 3.5.2Ibm Tririga Application Platform 3.3.1.3Ibm Tririga Application Platform 3.3.2.3Ibm Tririga Application Platform 3.3.2.4Ibm Tririga Application Platform 3.3.2.5Ibm Tririga Application Platform 3.4.2.5Ibm Tririga Application Platform 3.3.2.1Ibm Tririga Application Platform 3.4.0.1Ibm Tririga Application Platform 3.4.1.1Ibm Tririga Application Platform 3.4.2.2Ibm Tririga Application Platform 3.4.2.4Ibm Tririga Application Platform 3.3.0.1Ibm Tririga Application Platform 3.3.0.2Ibm Tririga Application Platform 3.3.1.0Ibm Tririga Application Platform 3.3.1.1Ibm Tririga Application Platform 3.4.1.2Ibm Tririga Application Platform 3.4.1.3Ibm Tririga Application Platform 3.4.2.0Ibm Tririga Application Platform 3.4.2.1Ibm Tririga Application Platform 3.3.0.0Ibm Tririga Application Platform 3.3.1.2Ibm Tririga Application Platform 3.3.2.0
578
VMScore
CVE-2017-1153
IBM TRIRIGA Report Manager 3.2 up to and including 3.5 contains a vulnerability that could allow an authenticated user to execute actions that they do not have access to. IBM Reference #: 1999563.
Ibm Tririga Application Platform 3.5.1.3Ibm Tririga Application Platform 3.5.0.0Ibm Tririga Application Platform 3.3.1.3Ibm Tririga Application Platform 3.3.2.1Ibm Tririga Application Platform 3.4.1.0Ibm Tririga Application Platform 3.4.1.2Ibm Tririga Application Platform 3.4.2.3Ibm Tririga Application Platform 3.4.2.5Ibm Tririga Application Platform 3.5.0.2Ibm Tririga Application Platform 3.5.1Ibm Tririga Application Platform 3.5.1.1Ibm Tririga Application Platform 3.5.1.2Ibm Tririga Application Platform 3.3.2.3Ibm Tririga Application Platform 3.3.2.4Ibm Tririga Application Platform 3.3.2.5Ibm Tririga Application Platform 3.4.0.0Ibm Tririga Application Platform 3.3.0.1Ibm Tririga Application Platform 3.3.0.2Ibm Tririga Application Platform 3.3.1.0Ibm Tririga Application Platform 3.3.1.1Ibm Tririga Application Platform 3.3.1.2Ibm Tririga Application Platform 3.4.1.3
356
VMScore
CVE-2017-1171
The IBM TRIRIGA Application Platform 3.3, 3,4, and 3,5 contain a vulnerability that could allow an authenticated user to execute Application actions they do not have access to. IBM Reference #: 2001083.
Ibm Tririga Application Platform 3.3.1.1Ibm Tririga Application Platform 3.3.1.3Ibm Tririga Application Platform 3.4.0.0Ibm Tririga Application Platform 3.4.1.0Ibm Tririga Application Platform 3.4.2.3Ibm Tririga Application Platform 3.4.2.5Ibm Tririga Application Platform 3.5.1.1Ibm Tririga Application Platform 3.5.1.3Ibm Tririga Application Platform 3.3.2.1Ibm Tririga Application Platform 3.3.2.2Ibm Tririga Application Platform 3.3.2.3Ibm Tririga Application Platform 3.3.2.4Ibm Tririga Application Platform 3.5.0.0Ibm Tririga Application Platform 3.5.0.1Ibm Tririga Application Platform 3.5.0.2Ibm Tririga Application Platform 3.5.1Ibm Tririga Application Platform 3.3.0.0Ibm Tririga Application Platform 3.3.0.1Ibm Tririga Application Platform 3.3.0.2Ibm Tririga Application Platform 3.3.1.0Ibm Tririga Application Platform 3.4.1.2Ibm Tririga Application Platform 3.4.1.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook