cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2017-1107,https://securityvulnerability.io/vulnerability/CVE-2017-1107,,"IBM Marketing Platform 9.1.0, 9.1.2, 10.0, and 10.1 exposes sensitive information in the headers that could be used by an authenticated attacker in further attacks against the system. IBM X-Force ID: 120906.",IBM,Marketing Platform,4.3,MEDIUM,0.0009200000204145908,false,,false,false,false,,,false,false,,2019-06-19T14:15:00.000Z,0
CVE-2018-1424,https://securityvulnerability.io/vulnerability/CVE-2018-1424,,"IBM Marketing Platform 9.1.0, 9.1.2, and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 139029.",IBM,Marketing Platform,7.1,HIGH,0.0012799999676644802,false,,false,false,false,,,false,false,,2018-12-07T16:29:00.000Z,0
CVE-2018-1920,https://securityvulnerability.io/vulnerability/CVE-2018-1920,,"IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152855.",IBM,Marketing Platform,7.1,HIGH,0.0014900000533089042,false,,false,false,false,,,false,false,,2018-12-07T16:29:00.000Z,0
CVE-2016-6112,https://securityvulnerability.io/vulnerability/CVE-2016-6112,,"IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282.",IBM,Marketing Platform,8.8,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2017-05-22T20:00:00.000Z,0
CVE-2016-0255,https://securityvulnerability.io/vulnerability/CVE-2016-0255,,"IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 110564.",IBM Corporation,Marketing Platform,6.1,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2017-05-05T19:00:00.000Z,0
CVE-2016-0228,https://securityvulnerability.io/vulnerability/CVE-2016-0228,,"IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites. IBM X-Force ID: 110236.",IBM Corporation,Marketing Platform,5.4,MEDIUM,0.0005799999926239252,false,,false,false,false,,,false,false,,2017-04-17T21:00:00.000Z,0
CVE-2016-0233,https://securityvulnerability.io/vulnerability/CVE-2016-0233,,"SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.",IBM,Marketing Platform,8.8,HIGH,0.0010400000028312206,false,,false,false,false,,,false,false,,2016-06-28T01:00:00.000Z,0
CVE-2016-0224,https://securityvulnerability.io/vulnerability/CVE-2016-0224,,"SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.",IBM,Marketing Platform,9.8,CRITICAL,0.0013200000394135714,false,,false,false,false,,,false,false,,2016-06-28T01:00:00.000Z,0
CVE-2016-0229,https://securityvulnerability.io/vulnerability/CVE-2016-0229,,Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.,IBM,Marketing Platform,6.1,MEDIUM,0.0012100000167265534,false,,false,false,false,,,false,false,,2016-06-28T01:00:00.000Z,0
CVE-2013-6310,https://securityvulnerability.io/vulnerability/CVE-2013-6310,,Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.,IBM,Marketing Platform,,,0.0006300000241026282,false,,false,false,false,,,false,false,,2014-06-28T00:00:00.000Z,0
CVE-2013-6311,https://securityvulnerability.io/vulnerability/CVE-2013-6311,,SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.,IBM,Marketing Platform,,,0.0012600000482052565,false,,false,false,false,,,false,false,,2014-06-28T00:00:00.000Z,0
CVE-2013-6309,https://securityvulnerability.io/vulnerability/CVE-2013-6309,,"IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to hijack sessions, and consequently read records, modify records, or conduct transactions, via an unspecified link injection.",IBM,Marketing Platform,,,0.0013800000306218863,false,,false,false,false,,,false,false,,2014-06-28T00:00:00.000Z,0
CVE-2013-6308,https://securityvulnerability.io/vulnerability/CVE-2013-6308,,IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to conduct phishing attacks and capture login credentials via an unspecified injection.,IBM,Marketing Platform,,,0.0007600000244565308,false,,false,false,false,,,false,false,,2014-06-28T00:00:00.000Z,0