CVE-2015-0126

Published: Jun 28, 2015Modified: May 6, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to bypass intended file-upload restrictions via a modified extension.

Affected (10)

Products: Ibm: Leads

Ibm

1 product

Leads

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Ibm Leads	Version 7.1.0
Ibm Leads	Version 7.1.1
Ibm Leads	Version 7.5.0
Ibm Leads	Version 8.1.0
Ibm Leads	Version 8.2.0
Ibm Leads	Version 8.5.0
Ibm Leads	Version 8.6.0
Ibm Leads	Version 9.0.0
Ibm Leads	Version 9.1.0
Ibm Leads	Version 9.1.1

References (2)

http://www-01.ibm.com/support/docview.wss?uid=swg21902807

Source: psirt@us.ibm.com

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21902807

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.