Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere portal 7.0.0.2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2012-2181
Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote malicious users to read arbitrary files via a crafted URL.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0
5
CVSSv2
CVE-2012-4834
Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote malicious users to read arbitrary files via a crafted URI.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
3.5
CVSSv2
CVE-2014-3102
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.0 up to and including 7.0.0.2 CF28 and 8.0.0 prior to 8.0.0.1 CF13 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
2.1
CVSSv2
CVE-2013-2951
IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621.
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 8.0.0.0
3.5
CVSSv2
CVE-2013-5379
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.x prior to 7.0.0.2 CF25 and 8.x prior to 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging improper tagging functionality.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
4.3
CVSSv2
CVE-2013-6316
IBM WebSphere Portal 7.0.0.x prior to 7.0.0.2 CF26 and 8.0.0.x prior to 8.0.0.1 CF09 does not properly handle content-selection changes during Taxonomy component rendering, which allows remote malicious users to obtain sensitive property information in opportunistic circumstances...
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.0
4.3
CVSSv2
CVE-2017-1761
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
5
CVSSv2
CVE-2015-1887
IBM WebSphere Portal 7.0.0 up to and including 7.0.0.2 CF29, 8.0.0 prior to 8.0.0.1 CF17, and 8.5.0 before CF06 allows remote malicious users to obtain sensitive Java Content Repository (JCR) information via a crafted request.
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
4
CVSSv2
CVE-2015-7455
IBM WebSphere Portal 7.x up to and including 7.0.0.2 CF29, 8.0.x prior to 8.0.0.1 CF20, and 8.5.x prior to 8.5.0.0 CF09 uses weak permissions for content items, which allows remote authenticated users to make modifications via the authoring UI.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.0
5.8
CVSSv2
CVE-2013-6722
Unrestricted file upload vulnerability in the Registration/Edit My Profile portlet in IBM WebSphere Portal 7.x prior to 7.0.0.2 CF27 and 8.x up to and including 8.0.0.1 CF09 allows remote malicious users to cause a denial of service or modify data via unspecified vectors.
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »