CVE-2019-4582 (maximo_asset_management)

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 167288.

View Full Alert

Related Posts

  • CVE-2019-4478 (maximo_asset_management)

    IBM Maximo Asset Management 7.6.0, and 7.6.1 could allow an authenticated user to obtain highly sensitive information that they should not normally have access to. IBM X-Force ID: 163998. View…

  • CVE-2019-4650 (maximo_asset_management)

    IBM Maximo Asset Management 7.6.1.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information…

  • CVE-2019-19935

    Froala Editor before 3.0.6 allows XSS. View Full Alert