Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liferay liferay enterprise portal 4.3.6 vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2008-0178
Cross-site scripting (XSS) vulnerability in the Enterprise Admin Session Monitoring component in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the User-Agent HTTP header.
Liferay Liferay Enterprise Portal 4.3.6
1 EDB exploit
383
VMScore
CVE-2008-0180
Cross-site scripting (XSS) vulnerability in themes/_unstyled/templates/init.vm in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Greeting field in a User Profile.
Liferay Liferay Enterprise Portal 2.2.0
Liferay Liferay Enterprise Portal 3.6.1
Liferay Liferay Enterprise Portal 4.1
Liferay Liferay Enterprise Portal 4.1.1
Liferay Liferay Enterprise Portal
Liferay Liferay Enterprise Portal 1.0
Liferay Liferay Enterprise Portal 2.1.0
Liferay Liferay Enterprise Portal 4.3.1
Liferay Liferay Enterprise Portal 2.0
Liferay Liferay Enterprise Portal 2.1.1
Liferay Liferay Enterprise Portal 4.1.3
Liferay Liferay Enterprise Portal 4.3.6
383
VMScore
CVE-2008-0563
Cross-site request forgery (CSRF) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote malicious users to perform unspecified actions as unspecified authenticated users via the User-Agent HTTP header, which is used when composing Forgot Pa...
Liferay Liferay Enterprise Portal 4.3.6
383
VMScore
CVE-2008-0181
Cross-site scripting (XSS) vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Shutdown message.
Liferay Liferay Enterprise Portal 4.3.6
231
VMScore
CVE-2008-0179
Cross-site scripting (XSS) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote malicious users to inject arbitrary web script or HTML via the User-Agent HTTP header, which is used when composing Forgot Password e-mail messages in HTML for...
Liferay Liferay Enterprise Portal 4.3.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started