Ibm Marketing Platform — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Marketing Platform, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2016-0224 — CVSS 9.8 (critical): SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote attackers to execute arbitrary SQL…
CVE-2016-0233 — CVSS 8.8 (high): SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote authenticated users to execute…
CVE-2016-6112 — CVSS 8.8 (high): IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and…
CVE-2018-1920 — CVSS 7.1 (high): IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A…
CVE-2018-1424 — CVSS 7.1 (high): IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A…
CVE-2013-6311 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to execute arbitrary SQL commands…
CVE-2016-0229 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allows remote attackers to inject arbitrary…
CVE-2016-0255 — CVSS 6.1 (medium): IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A…
CVE-2013-6309 — CVSS 6.0 (medium): IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to hijack sessions, and consequently read records, modify records…
CVE-2016-0228 — CVSS 5.4 (medium): IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various…
CVE-2013-6308 — CVSS 4.9 (medium): IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to conduct phishing attacks and capture login credentials via an…
CVE-2017-1107 — CVSS 4.3 (medium): IBM Marketing Platform 9.1.0, 9.1.2, 10.0, and 10.1 exposes sensitive information in the headers that could be used by an authenticated…
CVE-2013-6310 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to inject arbitrary web…