Vulnerabilities > IBM > Spss Analytical Decision Management > 6.1.0.0

DATE CVE VULNERABILITY TITLE RISK
2013-09-16 CVE-2013-5369 Code Injection vulnerability in IBM Spss Analytical Decision Management 6.1.0.0/6.2.0.0/7.0.0.0
IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 might allow remote attackers to execute arbitrary code by deploying and accessing a service.
network
ibm CWE-94
critical
 9.3
9.3
2013-09-16 CVE-2013-4049 Arbitrary File Upload vulnerability in IBM Spss Analytical Decision Management 6.1.0.0/6.2.0.0/7.0.0.0
Unrestricted file upload vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to execute arbitrary code by uploading and accessing a JSP file.
network
ibm
8.5
8.5
2013-09-16 CVE-2013-4048 Cross-Site Scripting vulnerability in IBM Spss Analytical Decision Management 6.1.0.0/6.2.0.0/7.0.0.0
Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving addition of script to a page.
network
ibm CWE-79
3.5
3.5
2013-09-16 CVE-2013-4047 Cross-Site Scripting vulnerability in IBM Spss Analytical Decision Management 6.1.0.0/6.2.0.0/7.0.0.0
Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote attackers to inject arbitrary web script or HTML via a crafted link.
network
ibm CWE-79
4.3
4.3