Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle application server portal vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-6697
CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle Portal 10g and previous versions, including 9.0.2, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the enc parameter.
Oracle Application Server Portal 10g
Oracle Application Server Portal 9.0.2
1 EDB exploit
7.5
CVSSv2
CVE-2003-1193
Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 up to and including 3.0.9.8.5 allow remote malicious users to execute arbitrary SQL commands...
Oracle Application Server Portal 3.0.9.8.5
Oracle Application Server Portal 9.0.2.3
Oracle Oracle9i 9.0.2.2
Oracle Oracle9i 9.0.2.3
Oracle Application Server Portal 9.0.2.3a
Oracle Application Server Portal 9.0.2.3b
Oracle Oracle9i 9.0.2
Oracle Oracle9i 9.0.2.0.0
Oracle Oracle9i 9.0.2.0.1
Oracle Oracle9i 9.0.2.1
6.4
CVSSv2
CVE-2008-2589
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1.2.2, and 10.1.4.1 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable rese...
Oracle Application Server 10.1.2.2
Oracle Application Server 10.1.4.1
Oracle Application Server 9.0.4.3
Oracle Oracle Portal Component
6.4
CVSSv2
CVE-2008-2609
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors.
Oracle Application Server 9.0.4.3
Oracle Oracle Portal Component
Oracle Oracle Application Server 10.1.2.3
Oracle Oracle Application Server 10.1.4.2
4.3
CVSSv2
CVE-2007-1506
Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Portal 10g allows remote malicious users to inject arbitrary web script or HTML via the (1) p_oldurl and (2) p_newurl parameters.
Oracle Application Server Portal
1 EDB exploit
4.3
CVSSv2
CVE-2008-2583
Unspecified vulnerability in the sample Discussion Forum Portlet for the Oracle Portal component in Oracle Application Server, as available from OTN prior to 20080715, has unknown impact and remote attack vectors.
Oracle Application Server
Oracle Oracle Portal Component
5
CVSSv2
CVE-2008-2138
Oracle Application Server (OracleAS) Portal 10g allows remote malicious users to bypass intended access restrictions and read the contents of /dav_portal/portal/ by sending a request containing a trailing "%0A" (encoded line feed), then using the session ID that is gene...
Oracle Application Server Portal 10g
1 EDB exploit
5
CVSSv2
CVE-2006-6699
Multiple CRLF injection vulnerabilities in Oracle Portal 9.0.2 and possibly other versions allow remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the enc parameter to (1) calendarDialog.jsp or (2) fred.jsp. ...
Oracle Application Server Portal 9.0.2
4.4
CVSSv2
CVE-2009-1008
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010.
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 6.0.0.0
Ibm Websphere Portal 6.0.1.0
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 8.0.0.0
Oracle Application Server 8.3.0
Oracle Application Server 8.2.2
4.4
CVSSv2
CVE-2009-1010
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008.
Ibm Websphere Portal 6.0.0.0
Ibm Websphere Portal 6.0.1.0
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 7.0.0.0
Oracle Application Server 8.2.2
Oracle Application Server 8.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »