Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websphere portal vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2009-4153
Unspecified vulnerability in the XMLAccess component in IBM WebSphere Portal 6.1.x prior to 6.1.0.3 has unknown impact and attack vectors, related to the work directory.
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 6.1.0.2
7.5
CVSSv2
CVE-2008-3423
IBM WebSphere Portal 5.1 up to and including 6.1.0.0 allows remote malicious users to bypass authentication and obtain administrative access via unspecified vectors.
Ibm Websphere Portal 5.1.0.1
Ibm Websphere Portal 5.1.0.2
Ibm Websphere Portal 6.0.1.3
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 5.1.0.0
Ibm Websphere Portal 6.0.0.1
Ibm Websphere Portal 6.0.1.1
Ibm Websphere Portal 5.1.0.5
Ibm Websphere Portal 6.0.0.0
Ibm Websphere Portal 5.1.0.3
Ibm Websphere Portal 5.1.0.4
7.1
CVSSv2
CVE-2014-0918
Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 up to and including 6.1.0.6 CF27, 6.1.5 up to and including 6.1.5.3 CF27, 7.0 up to and including 7.0.0.2 CF27, and 8.0 prior to 8.0.0.1 CF06 allows remote malicious users to read ar...
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 6.1.5.1
Ibm Websphere Portal 6.1.0.5
Ibm Websphere Portal 6.1.0.6
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.1.0.2
Ibm Websphere Portal 6.1.0.3
Ibm Websphere Portal 6.1.0.4
Ibm Websphere Portal 6.1.5.2
Ibm Websphere Portal 6.1.5.3
6.9
CVSSv2
CVE-2014-3020
install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.
Ibm Embedded Websphere Application Server 7.0
Ibm Tivoli Integrated Portal 2.2
Ibm Tivoli Integrated Portal 2.1
6.8
CVSSv2
CVE-2017-1156
IBM WebSphere Portal 8.5 and 9.0 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect...
Ibm Websphere Portal 9.0
Ibm Websphere Portal 8.5
6.8
CVSSv2
CVE-2016-2901
Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Portal 8.5.0.0
Ibm Web Content Manager
6.8
CVSSv2
CVE-2015-5001
IBM WebSphere Portal 6.1.0 up to and including 6.1.0.6 CF27, 6.1.5 up to and including 6.1.5.3 CF27, 7.0.0 up to and including 7.0.0.2 CF29, 8.0.0 prior to 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote authenticated users to cause a denial of service (memory consumption) via ...
Ibm Websphere Portal 6.1.5.2
Ibm Websphere Portal 6.1.5.1
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 6.1.0.6
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 6.1.0.5
Ibm Websphere Portal 6.1.0.4
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 6.1.5.3
Ibm Websphere Portal 6.1.0.3
Ibm Websphere Portal 6.1.0.2
6.8
CVSSv2
CVE-2015-4997
IBM WebSphere Portal 8.5.0 before CF08 allows remote malicious users to bypass intended access restrictions via a crafted request.
Ibm Websphere Portal 8.5.0.0
6.8
CVSSv2
CVE-2014-6214
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 up to and including 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
6.8
CVSSv2
CVE-2014-6125
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Portal 8.5.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »