Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portal vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-1660
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.0
6.5
CVSSv2
CVE-2018-1672
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
4.3
CVSSv2
CVE-2018-1673
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
5.8
CVSSv2
CVE-2021-33705
The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated malicious user to craft a malicious URL which when clicked by a user can make any typ...
Sap Netweaver Portal 7.10
Sap Netweaver Portal 7.11
Sap Netweaver Portal 7.20
Sap Netweaver Portal 7.30
Sap Netweaver Portal 7.31
Sap Netweaver Portal 7.40
Sap Netweaver Portal 7.50
5.8
CVSSv2
CVE-2019-2583
Vulnerability in the Oracle iSupplier Portal component of Oracle E-Business Suite (subcomponent: Attachments). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with...
Oracle Isupplier Portal 12.2.7
Oracle Isupplier Portal 12.2.4
Oracle Isupplier Portal 12.2.8
Oracle Isupplier Portal 12.2.3
Oracle Isupplier Portal 12.2.6
Oracle Isupplier Portal 12.2.5
Oracle Isupplier Portal 12.1.3
7.5
CVSSv2
CVE-2005-4227
Multiple "potential" SQL injection vulnerabilities in DCP-Portal 6.1.1 might allow remote malicious users to execute arbitrary SQL commands via (1) the password and username parameters in advertiser.php, (2) the aid parameter in announcement.php, (3) the dcp5_member_id,...
Codeworx Technologies Dcp-portal 4.0
Codeworx Technologies Dcp-portal 4.1
Codeworx Technologies Dcp-portal 5.3
Codeworx Technologies Dcp-portal 5.3.1
Codeworx Technologies Dcp-portal 4.2
Codeworx Technologies Dcp-portal 4.5.1
Codeworx Technologies Dcp-portal 5.3.2
Codeworx Technologies Dcp-portal 6.0
Codeworx Technologies Dcp-portal 3.7
Codeworx Technologies Dcp-portal 5.1
Codeworx Technologies Dcp-portal 5.2
Codeworx Technologies Dcp-portal 5.0.1
Codeworx Technologies Dcp-portal 5.0.2
Codeworx Technologies Dcp-portal 6.1
Codeworx Technologies Dcp-portal 6.1.1
10
CVSSv2
CVE-2008-5675
Unspecified vulnerability in IBM WebSphere Portal 6.0 prior to 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI."
Ibm Websphere Portal 6.0.1.2
Ibm Websphere Portal
Ibm Websphere Portal 6.0.0.0
Ibm Websphere Portal 6.0.0.1
Ibm Websphere Portal 6.0.1.3
Ibm Websphere Portal 6.0.1.1
2.6
CVSSv2
CVE-2008-4164
cron.php in MemHT Portal 3.9.0 and previous versions allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Memht Memht Portal
Memht Memht Portal 3.8.5
Memht Memht Portal 3.6.0
Memht Memht Portal 3.1
Memht Memht Portal 3.4.5
Memht Memht Portal 3.4
1 EDB exploit
NA
CVE-2023-24546
On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. This ...
Arista Cloudvision Portal 2022.1.0
Arista Cloudvision Portal 2022.1.1
Arista Cloudvision Portal 2022.2.0
Arista Cloudvision Portal 2022.2.1
Arista Cloudvision Portal 2022.3.0
Arista Cloudvision Portal
4.3
CVSSv2
CVE-2004-2511
Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the year, (2) month, and (3) day parameters in calendar.php; (4) the cid and (5) url parameters in index.php; ...
Codeworx Technologies Dcp-portal 5.0.2
Codeworx Technologies Dcp-portal 4.1
Codeworx Technologies Dcp-portal 4.2
Codeworx Technologies Dcp-portal
Codeworx Technologies Dcp-portal 4.5.1
Codeworx Technologies Dcp-portal 5.0.1
Codeworx Technologies Dcp-portal 5.1
Codeworx Technologies Dcp-portal 5.2
Codeworx Technologies Dcp-portal 3.7
Codeworx Technologies Dcp-portal 4.0
Codeworx Technologies Dcp-portal 5.3
Codeworx Technologies Dcp-portal 5.3.1
3 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »