Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
curam social program management vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2015-7401
IBM Curam Social Program Management 6.1.x prior to 6.1.1.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive document information by guessing the document id. IBM X-Force ID: 107106.
Ibm Curam Social Program Management
3.5
CVSSv2
CVE-2014-3069
Multiple CRLF injection vulnerabilities in the Universal Access component in IBM Curam Social Program Management (SPM) 6.0.5.5, when WebSphere Application Server is not used, allow remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting att...
Ibm Curam Social Program Management 6.0.5.5
4.3
CVSSv2
CVE-2018-1671
IBM Curam Social Program Management 7.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-force ID: 144951.
Ibm Curam Social Program Management 7.0.3.0
3.5
CVSSv2
CVE-2015-7402
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.1 prior to 6.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Curam Social Program Management 6.1
6.5
CVSSv2
CVE-2022-22318
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
Ibm Curam Social Program Management 8.0.1
Ibm Curam Social Program Management 8.0.0
7.5
CVSSv2
CVE-2022-22317
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281.
Ibm Curam Social Program Management 8.0.1
Ibm Curam Social Program Management 8.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5