Skip to main content
CVE-2014-5202 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in compfight-search.php in the Compfight plugin 1.4 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS WordPress PHP Compfight
NVD
CVSS 2.0
3.5
EPSS
0.1%
CVE-2014-3031 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Tivoli Business Service Manager 4.2.0 before 4.2.0.0 IF12 and 4.2.1 before 4.2.1.3 IF9 allows remote authenticated users to inject arbitrary web script. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Tivoli Business Service Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-3102 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.0 through 7.0.0.2 CF28 and 8.0.0 before 8.0.0.1 CF13 allows remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Websphere Portal
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-3069 LOW PATCH Monitor

Multiple CRLF injection vulnerabilities in the Universal Access component in IBM Curam Social Program Management (SPM) 6.0.5.5, when WebSphere Application Server is not used, allow remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM Code Injection Curam Social Program Management
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-4757 LOW PATCH Monitor

The Outlook Extension in IBM Content Collector 4.0.0.x before 4.0.0.0-ICC-OE-IF004 allows local users to bypass the intended Reviewer privilege requirement and read e-mail messages from an arbitrary. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

IBM Privilege Escalation Microsoft Content Collector
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy