Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere portal 7.0.0.0 vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv3
CVE-2018-1672
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
NA
CVE-2009-1009
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML.
Oracle Application Server 8.1.9
Ibm Websphere Portal 6.0.0.0
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 6.0.1.0
NA
CVE-2014-3054
Multiple open redirect vulnerabilities in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x up to and including 8.0.0.1 CF12 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal Unified Task List Portlet 6.0.1
Ibm Websphere Portal 7.0.0.0
NA
CVE-2014-3057
Cross-site scripting (XSS) vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x up to and including 8.0.0.1 CF12 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal Unified Task List Portlet 6.0.1
NA
CVE-2014-3055
SQL injection vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x up to and including 8.0.0.1 CF12 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Ibm Websphere Portal Unified Task List Portlet 6.0.1
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.0
NA
CVE-2014-3056
The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x up to and including 8.0.0.1 CF12 allows remote malicious users to obtain potentially sensitive information about environment variables and JAR versions via unspecified vectors.
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal Unified Task List Portlet 6.0.1
Ibm Websphere Portal 7.0.0.0
NA
CVE-2011-2754
Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page Builder) theme in IBM WebSphere Portal 7.x prior to 7.0.0.1 CF006, as used in IBM Web Content Manager (WCM) and other products, allows remote malicious users to inject arbitrary web script or HTML via unspecif...
Ibm Websphere Portal 7.0.0.1
Ibm Web Content Manager
Ibm Websphere Portal 7.0.0.0
NA
CVE-2013-2950
CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x prior to 6.1.0.3 CF26, 6.1.5.x prior to 6.1.5 CF26, 7.0.0.x prior to 7.0.0.2 CF21, and 8.0.0.x up to and including 8.0.0.1 CF5, when home substitution (aka uri.home.substitution) is enabled, allows remote authenticated ...
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 6.1.0.3
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.1.0.2
NA
CVE-2011-0679
IBM WebSphere Portal 6.0.1.1 up to and including 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote malicious users to obtain sensitive information via a "modified message."
Ibm Websphere Portal 6.0.1.4
Ibm Websphere Portal 6.0.1.5
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 6.0.1.6
Ibm Websphere Portal 6.0.1.7
Ibm Websphere Portal 6.0.1.1
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.0.1.2
Ibm Websphere Portal 6.0.1.3
Ibm Websphere Portal 6.1.0.2
Ibm Websphere Portal 6.1.0.3
NA
CVE-2009-1008
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010.
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 6.0.0.0
Ibm Websphere Portal 6.0.1.0
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 8.0.0.0
Oracle Application Server 8.3.0
Oracle Application Server 8.2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »