cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2018-1541,https://securityvulnerability.io/vulnerability/CVE-2018-1541,,"IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142596.",IBM,Websphere Commerce Enterprise,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2018-10-24T12:29:00.000Z,0
CVE-2017-1484,https://securityvulnerability.io/vulnerability/CVE-2017-1484,,"IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 could allow an authenticated attacker to obtain information such as user personal data. IBM X-Force ID: 128622.",IBM,Websphere Commerce Enterprise,4.3,MEDIUM,0.0006699999794363976,false,,false,false,false,,,false,false,,2017-11-27T21:29:00.000Z,0
CVE-2017-1569,https://securityvulnerability.io/vulnerability/CVE-2017-1569,,IBM WebSphere Commerce 7.0 and 8.0 contains an unspecified vulnerability in Marketing ESpot's that could cause a denial of service. IBM X-Force ID: 131779.,IBM,Websphere Commerce Enterprise,7.5,HIGH,0.001769999973475933,false,,false,false,false,,,false,false,,2017-10-03T01:29:00.000Z,0
CVE-2017-1398,https://securityvulnerability.io/vulnerability/CVE-2017-1398,,"IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 6.0, 7.0, and 8.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 127385.",IBM,Websphere Commerce Enterprise,6.1,MEDIUM,0.001180000021122396,false,,false,false,false,,,false,false,,2017-07-10T16:29:00.000Z,0
CVE-2017-1170,https://securityvulnerability.io/vulnerability/CVE-2017-1170,,"IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 8.0 could allow a local user to hijack a user's session. IBM X-Force ID: 123230.",IBM,Websphere Commerce Enterprise,5.3,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-04-26T17:00:00.000Z,0
CVE-2016-5894,https://securityvulnerability.io/vulnerability/CVE-2016-5894,,"IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 is vulnerable to information disclosure vulnerability. A local user could view a plain text password in a Unix console. IBM Reference #: 1997408.",IBM,Websphere Commerce Enterprise,5.1,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2017-03-08T19:00:00.000Z,0
CVE-2016-6090,https://securityvulnerability.io/vulnerability/CVE-2016-6090,,"IBM WebSphere Commerce contains an unspecified vulnerability that could allow disclosure of user personal data, performing of unauthorized administrative operations, and potentially causing a denial of service.",IBM,Websphere Commerce Enterprise,9.8,CRITICAL,0.002630000002682209,false,,false,false,false,,,false,false,,2017-02-01T20:00:00.000Z,0
CVE-2015-5015,https://securityvulnerability.io/vulnerability/CVE-2015-5015,,IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x before Feature Pack 8 allows remote attackers to obtain sensitive information via a crafted REST URL.,IBM,Websphere Commerce Enterprise,,,0.0028899998869746923,false,,false,false,false,,,false,false,,2015-11-08T22:00:00.000Z,0