ibm omnifind 9.0 vulnerabilities and exploits
VMScore: 605
CVE-2010-3892
Session fixation vulnerability in the login form in the administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x allows remote malicious users to hijack web sessions by replaying a session ID (aka SID) value.
Ibm Omnifind 8.0
Ibm Omnifind 8.4
Ibm Omnifind 8.5
Ibm Omnifind 9.0
Ibm Omnifind 9.1
VMScore: 755
CVE-2010-3893
The administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x does not restrict use of a session ID (aka SID) value to a single IP address, which allows remote malicious users to perform arbitrary administrative actions by leveraging cookie theft, related to a "...
Ibm Omnifind 8.0
Ibm Omnifind 8.4
Ibm Omnifind 9.1
Ibm Omnifind 8.5
Ibm Omnifind 9.0
1 EDB exploit
VMScore: 668
CVE-2010-3896
The ESSearchApplication directory tree in IBM OmniFind Enterprise Edition 8.x and 9.x does not require authentication, which allows remote malicious users to modify the server configuration via a request to palette.do.
Ibm Omnifind 8.0
Ibm Omnifind 9.1
Ibm Omnifind 8.4
Ibm Omnifind 8.5
Ibm Omnifind 9.0
VMScore: 445
CVE-2010-3897
ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x and 9.x includes the administrator password in the HTML source code, which might allow remote malicious users to obtain sensitive information by leveraging read access to this file.
Ibm Omnifind 9.0
Ibm Omnifind 9.1
Ibm Omnifind 8.4
Ibm Omnifind 8.5
Ibm Omnifind 8.0
VMScore: 445
CVE-2010-3898
IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict the cookie path of administrator (aka ESAdmin) cookies, which might allow remote malicious users to bypass authentication by leveraging access to other pages on the web site.
Ibm Omnifind 9.0
Ibm Omnifind 9.1
Ibm Omnifind 8.4
Ibm Omnifind 8.5
Ibm Omnifind 8.0
VMScore: 505
CVE-2010-3899
IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with an unlimited recursion depth, which allows remote web servers to cause a denial of service (infinite loop) via a crafted series of documents.
Ibm Omnifind 8.0
Ibm Omnifind 9.0
1 EDB exploit