Ibm

Marketing Platform

13 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2017-1107

  • EPSS 0.35%
  • Published 19.06.2019 14:15:10
  • Last modified 21.11.2024 03:21:20

IBM Marketing Platform 9.1.0, 9.1.2, 10.0, and 10.1 exposes sensitive information in the headers that could be used by an authenticated attacker in further attacks against the system. IBM X-Force ID: 120906.

7.1

CVE-2018-1424

  • EPSS 0.51%
  • Published 07.12.2018 16:29:00
  • Last modified 21.11.2024 03:59:47

IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM ...

7.1

CVE-2018-1920

  • EPSS 0.51%
  • Published 07.12.2018 16:29:00
  • Last modified 21.11.2024 04:00:35

IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X...

8.8

CVE-2016-6112

  • EPSS 0.35%
  • Published 22.05.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282.

6.1

CVE-2016-0255

  • EPSS 0.21%
  • Published 05.05.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be execu...

5.4

CVE-2016-0228

  • EPSS 0.1%
  • Published 17.04.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites. IBM X-Force ...

8.8

CVE-2016-0233

  • EPSS 0.48%
  • Published 28.06.2016 01:59:02
  • Last modified 12.04.2025 10:46:40

SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.1

CVE-2016-0229

  • EPSS 0.23%
  • Published 28.06.2016 01:59:01
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

9.8

CVE-2016-0224

  • EPSS 0.52%
  • Published 28.06.2016 01:59:00
  • Last modified 12.04.2025 10:46:40

SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

4.9

CVE-2013-6308

  • EPSS 0.15%
  • Published 28.06.2014 00:55:03
  • Last modified 12.04.2025 10:46:40

IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to conduct phishing attacks and capture login credentials via an unspecified injection.