Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
peoplesoft peopletools 8.4 vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2006-0584
The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS #5 with a fixed DES key to store user passwords, which makes it easier for local users to guess passwords using a dictionary attack that compares output strings.
Peoplesoft Peopletools 8.40
Peoplesoft Peopletools 8.41
Peoplesoft Peopletools 8.42
Peoplesoft Peopletools 8.43
Peoplesoft Peopletools 8.4
Peoplesoft Peopletools 8.45.5
Peoplesoft Peopletools 8.46.3
4.3
CVSSv2
CVE-2003-0629
Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and previous versions allows remote malicious users to insert arbitrary web script via a certain HTTP request to IScript.
Peoplesoft Peopletools 8.10
Peoplesoft Peopletools 8.11
Peoplesoft Peopletools 8.18
Peoplesoft Peopletools 8.19
Peoplesoft Peopletools 8.16
Peoplesoft Peopletools 8.17
Peoplesoft Peopletools 8.42
Peoplesoft Peopletools 8.43
Peoplesoft Peopletools 8.12
Peoplesoft Peopletools 8.13
Peoplesoft Peopletools 8.20
Peoplesoft Peopletools 8.4
Peoplesoft Peopletools 8.14
Peoplesoft Peopletools 8.15
Peoplesoft Peopletools 8.40
Peoplesoft Peopletools 8.41
5
CVSSv2
CVE-2003-0626
psdoccgi.exe in PeopleSoft PeopleTools 8.4 up to and including 8.43 allows remote malicious users to read arbitrary files via the (1) headername or (2) footername arguments.
Peoplesoft Peopletools 8.15
Peoplesoft Peopletools 8.16
Peoplesoft Peopletools 8.42
Peoplesoft Peopletools 8.43
Peoplesoft Peopletools 8.13
Peoplesoft Peopletools 8.14
Peoplesoft Peopletools 8.40
Peoplesoft Peopletools 8.41
Peoplesoft Peopletools 8.10
Peoplesoft Peopletools 8.17
Peoplesoft Peopletools 8.18
Peoplesoft Peopletools 8.11
Peoplesoft Peopletools 8.12
Peoplesoft Peopletools 8.19
Peoplesoft Peopletools 8.20
Peoplesoft Peopletools 8.4
5
CVSSv2
CVE-2003-0628
PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and previous versions allows remote malicious users to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value.
Peoplesoft Peopletools 8.10
Peoplesoft Peopletools 8.11
Peoplesoft Peopletools 8.18
Peoplesoft Peopletools 8.19
Peoplesoft Peopletools 8.16
Peoplesoft Peopletools 8.17
Peoplesoft Peopletools 8.43
Peoplesoft Peopletools 8.12
Peoplesoft Peopletools 8.13
Peoplesoft Peopletools 8.20
Peoplesoft Peopletools 8.4
Peoplesoft Peopletools 8.14
Peoplesoft Peopletools 8.15
Peoplesoft Peopletools 8.40
Peoplesoft Peopletools 8.41
Peoplesoft Peopletools 8.42
7.5
CVSSv2
CVE-2003-0950
PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote malicious users to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file.
Peoplesoft Peopletools 8.10
Peoplesoft Peopletools 8.11
Peoplesoft Peopletools 8.19
Peoplesoft Peopletools 8.20
Peoplesoft Peopletools 8.17
Peoplesoft Peopletools 8.18
Peoplesoft Peopletools 8.43
Peoplesoft Peopletools 8.12
Peoplesoft Peopletools 8.13
Peoplesoft Peopletools 8.4
Peoplesoft Peopletools 8.40
Peoplesoft Peopletools 8.14
Peoplesoft Peopletools 8.15
Peoplesoft Peopletools 8.16
Peoplesoft Peopletools 8.41
Peoplesoft Peopletools 8.42
5
CVSSv2
CVE-2003-0627
psdoccgi.exe in PeopleSoft PeopleTools 8.4 up to and including 8.43 allows remote malicious users to cause a denial of service (application crash), possibly via the headername and footername arguments.
Peoplesoft Peopletools 8.43
Peoplesoft Peopletools 8.40
Peoplesoft Peopletools 8.41
Peoplesoft Peopletools 8.42
4.6
CVSSv2
CVE-2021-2063
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSof...
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
NA
CVE-2023-22014
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Ente...
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Peoplesoft Enterprise Peopletools 8.60
7.5
CVSSv2
CVE-2021-3711
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" paramete...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Session Border Controller 8.4
Oracle Enterprise Communications Broker 3.2.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
1 Github repository
1 Article
4.3
CVSSv2
CVE-2018-0734
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fi...
Openssl Openssl 1.1.1
Openssl Openssl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 9.0
Nodejs Node.js
Nodejs Node.js 10.13.0
Netapp Cn1610 Firmware -
Netapp Cloud Backup -
Netapp Oncommand Unified Manager
Netapp Steelstore -
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Storage Automation Store -
Oracle Api Gateway 11.1.2.4.0
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Mysql Enterprise Backup
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »