Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere portal 8.0.0.1 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-1416
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.0
6.5
CVSSv3
CVE-2018-1420
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 9.0.0.0
6.3
CVSSv3
CVE-2018-1672
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
NA
CVE-2014-3054
Multiple open redirect vulnerabilities in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x up to and including 8.0.0.1 CF12 allow remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal Unified Task List Portlet 6.0.1
Ibm Websphere Portal 7.0.0.0
NA
CVE-2014-3057
Cross-site scripting (XSS) vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x up to and including 8.0.0.1 CF12 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal Unified Task List Portlet 6.0.1
NA
CVE-2014-3055
SQL injection vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x up to and including 8.0.0.1 CF12 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Ibm Websphere Portal Unified Task List Portlet 6.0.1
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.0
NA
CVE-2014-3056
The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x up to and including 8.0.0.1 CF12 allows remote malicious users to obtain potentially sensitive information about environment variables and JAR versions via unspecified vectors.
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal Unified Task List Portlet 6.0.1
Ibm Websphere Portal 7.0.0.0
NA
CVE-2013-2950
CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x prior to 6.1.0.3 CF26, 6.1.5.x prior to 6.1.5 CF26, 7.0.0.x prior to 7.0.0.2 CF21, and 8.0.0.x up to and including 8.0.0.1 CF5, when home substitution (aka uri.home.substitution) is enabled, allows remote authenticated ...
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 6.1.0.3
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.1.0.2
NA
CVE-2014-6215
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 up to and including 6.1.0.6 CF27, 6.1.5 up to and including 6.1.5.3 CF27, 7.0.0 prior to 7.0.0.2 CF29, 8.0.0 up to and including 8.0.0.1 CF14, and 8.5.0 before CF03 allows remote authenticated users to inject ...
Ibm Websphere Portal 6.1.0.2
Ibm Websphere Portal 6.1.0.3
Ibm Websphere Portal 7.0.0
Ibm Websphere Portal 8.0.0
Ibm Websphere Portal 6.1.0.6
Ibm Websphere Portal 8.5.0
Ibm Websphere Portal 6.1.0
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 6.1.0.4
Ibm Websphere Portal 6.1.0.5
Ibm Websphere Portal 8.0.0.1
NA
CVE-2013-6723
IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle references in compute="always" Web Content Manager (WCM) navigator components, which allows remote malicious users to obtain sensitive component information via unspecified vectors.
Ibm Websphere Portal 8.0.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »