Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Curam Social Program Management  >> 6.0.0  Security Vulnerabilities
CVE-2016-0261
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110604.
CVSS Score
5.4
EPSS Score
0.001
Published
2018-03-12
CVE-2017-1106
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120744.
CVSS Score
5.4
EPSS Score
0.003
Published
2017-06-28
CVE-2016-8923
IBM Curam Social Program Management 5.2, 6.0, and 7.0 contains a vulnerability that would allow an authorized user to obtain sensitive information from the profile of a higher privileged user that they should not have access to. IBM X-Force ID: 118536.
CVSS Score
4.3
EPSS Score
0.002
Published
2017-04-20
CVE-2016-9978
IBM Curam Social Program Management 5.2, 6.0, and 7.0 could allow an authenticated attacker to disclose sensitive information. IBM X-Force ID: 120254.
CVSS Score
4.3
EPSS Score
0.002
Published
2017-04-20
CVE-2016-9980
IBM Curam Social Program Management 5.2, 6.0, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120256.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-04-20
CVE-2016-6111
IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000833.
CVSS Score
9.1
EPSS Score
0.004
Published
2017-03-31
CVE-2014-3096
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management before 6.0.5.5a allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
3.5
EPSS Score
0.002
Published
2015-01-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved