Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere portal 7.0.0.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-6093
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x prior to 7.0.0.2 CF29, 8.0.x up to and including 8.0.0.1 CF14, and 8.5.x prior to 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
NA
CVE-2012-2181
Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote malicious users to read arbitrary files via a crafted URL.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0
NA
CVE-2012-4834
Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote malicious users to read arbitrary files via a crafted URI.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
NA
CVE-2014-3102
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.0 up to and including 7.0.0.2 CF28 and 8.0.0 prior to 8.0.0.1 CF13 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
NA
CVE-2013-6316
IBM WebSphere Portal 7.0.0.x prior to 7.0.0.2 CF26 and 8.0.0.x prior to 8.0.0.1 CF09 does not properly handle content-selection changes during Taxonomy component rendering, which allows remote malicious users to obtain sensitive property information in opportunistic circumstances...
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.0
NA
CVE-2013-5379
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.x prior to 7.0.0.2 CF25 and 8.x prior to 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging improper tagging functionality.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
7.8
CVSSv3
CVE-2013-2951
IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621.
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 8.0.0.0
NA
CVE-2011-2173
The implementation of OutputMediator objects in IBM WebSphere Portal 6.0.1.7, and 7.0.0.1 before CF002, allows remote authenticated users to cause a denial of service (memory consumption) via requests.
Ibm Websphere Portal 6.0.1.7
Ibm Websphere Portal 7.0.0.1
3.1
CVSSv3
CVE-2015-7455
IBM WebSphere Portal 7.x up to and including 7.0.0.2 CF29, 8.0.x prior to 8.0.0.1 CF20, and 8.5.x prior to 8.5.0.0 CF09 uses weak permissions for content items, which allows remote authenticated users to make modifications via the authoring UI.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.0
NA
CVE-2013-0549
Cross-site scripting (XSS) vulnerability in the Web Content Manager - Web Content Viewer Portlet in the server in IBM WebSphere Portal 7.0.0.x up to and including 7.0.0.2 CF22 and 8.0.0.x up to and including 8.0.0.1 CF5, when the IBM Portlet API is used, allows remote malicious u...
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0
Ibm Websphere Portal 8.0.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »