Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere portal 8.5.0.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2016-2901
Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Portal 8.5.0.0
Ibm Web Content Manager
7.5
CVSSv3
CVE-2017-1577
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 132...
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
7.4
CVSSv3
CVE-2015-7428
Open redirect vulnerability in IBM WebSphere Portal 8.0.x prior to 8.0.0.1 CF20 and 8.5.x prior to 8.5.0.0 CF09 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
7.2
CVSSv3
CVE-2015-7472
IBM WebSphere Portal 6.1.0 up to and including 6.1.0.6 CF27, 6.1.5 up to and including 6.1.5.3 CF27, 7.0.0 up to and including 7.0.0.2 CF29, 8.0.0 prior to 8.0.0.1 CF20, and 8.5.0 before CF10 allows remote malicious users to conduct LDAP injection attacks, and consequently read o...
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 6.1.0.6
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 6.1.0.3
Ibm Websphere Portal 6.1.0.2
Ibm Websphere Portal 6.1.5.3
Ibm Websphere Portal 6.1.5.2
Ibm Websphere Portal 6.1.5.1
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 6.1.0.5
Ibm Websphere Portal 6.1.0.4
6.5
CVSSv3
CVE-2018-1420
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 9.0.0.0
6.5
CVSSv3
CVE-2016-5954
IBM WebSphere Portal 6.1.0 up to and including 6.1.0.6 CF27, 6.1.5 up to and including 6.1.5.3 CF27, 7.0.0 up to and including 7.0.0.2 CF30, 8.0.0 up to and including 8.0.0.1 CF21, and 8.5.0 before CF12 allows remote authenticated users to cause a denial of service by uploading t...
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 6.1.5.3
Ibm Websphere Portal 6.1.0.3
Ibm Websphere Portal 6.1.0.2
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 6.1.0.5
Ibm Websphere Portal 6.1.0.4
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 6.1.0.6
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 6.1.5.2
Ibm Websphere Portal 6.1.5.1
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.1.0.0
6.3
CVSSv3
CVE-2018-1672
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
6.1
CVSSv3
CVE-2018-1673
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
6.1
CVSSv3
CVE-2018-1716
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
6.1
CVSSv3
CVE-2018-1736
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed ...
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 9.0.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »