Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
curam social program management vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3096
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management prior to 6.0.5.5a allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Curam Social Program Management
6.1
CVSSv3
CVE-2018-1671
IBM Curam Social Program Management 7.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-force ID: 144951.
Ibm Curam Social Program Management 7.0.3.0
5.4
CVSSv3
CVE-2015-7402
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.1 prior to 6.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Curam Social Program Management 6.1
NA
CVE-2014-3069
Multiple CRLF injection vulnerabilities in the Universal Access component in IBM Curam Social Program Management (SPM) 6.0.5.5, when WebSphere Application Server is not used, allow remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting att...
Ibm Curam Social Program Management 6.0.5.5
9.8
CVSSv3
CVE-2022-22318
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
Ibm Curam Social Program Management 8.0.1
Ibm Curam Social Program Management 8.0.0
9.8
CVSSv3
CVE-2022-22317
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281.
Ibm Curam Social Program Management 8.0.1
Ibm Curam Social Program Management 8.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5