Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portal vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2021-33705
The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated malicious user to craft a malicious URL which when clicked by a user can make any typ...
Sap Netweaver Portal 7.10
Sap Netweaver Portal 7.11
Sap Netweaver Portal 7.20
Sap Netweaver Portal 7.30
Sap Netweaver Portal 7.31
Sap Netweaver Portal 7.40
Sap Netweaver Portal 7.50
383
VMScore
CVE-2018-1416
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.0
516
VMScore
CVE-2019-2583
Vulnerability in the Oracle iSupplier Portal component of Oracle E-Business Suite (subcomponent: Attachments). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with...
Oracle Isupplier Portal 12.2.7
Oracle Isupplier Portal 12.2.4
Oracle Isupplier Portal 12.2.8
Oracle Isupplier Portal 12.2.3
Oracle Isupplier Portal 12.2.6
Oracle Isupplier Portal 12.2.5
Oracle Isupplier Portal 12.1.3
356
VMScore
CVE-2018-1420
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 9.0.0.0
445
VMScore
CVE-2017-1577
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 132...
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 9.0.0.0
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
668
VMScore
CVE-2005-4227
Multiple "potential" SQL injection vulnerabilities in DCP-Portal 6.1.1 might allow remote malicious users to execute arbitrary SQL commands via (1) the password and username parameters in advertiser.php, (2) the aid parameter in announcement.php, (3) the dcp5_member_id,...
Codeworx Technologies Dcp-portal 4.0
Codeworx Technologies Dcp-portal 4.1
Codeworx Technologies Dcp-portal 5.3
Codeworx Technologies Dcp-portal 5.3.1
Codeworx Technologies Dcp-portal 4.2
Codeworx Technologies Dcp-portal 4.5.1
Codeworx Technologies Dcp-portal 5.3.2
Codeworx Technologies Dcp-portal 6.0
Codeworx Technologies Dcp-portal 3.7
Codeworx Technologies Dcp-portal 5.1
Codeworx Technologies Dcp-portal 5.2
Codeworx Technologies Dcp-portal 5.0.1
Codeworx Technologies Dcp-portal 5.0.2
Codeworx Technologies Dcp-portal 6.1
Codeworx Technologies Dcp-portal 6.1.1
890
VMScore
CVE-2008-5675
Unspecified vulnerability in IBM WebSphere Portal 6.0 prior to 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI."
Ibm Websphere Portal 6.0.1.2
Ibm Websphere Portal
Ibm Websphere Portal 6.0.0.0
Ibm Websphere Portal 6.0.0.1
Ibm Websphere Portal 6.0.1.3
Ibm Websphere Portal 6.0.1.1
NA
CVE-2023-24546
On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. This ...
Arista Cloudvision Portal 2022.1.0
Arista Cloudvision Portal 2022.1.1
Arista Cloudvision Portal 2022.2.0
Arista Cloudvision Portal 2022.2.1
Arista Cloudvision Portal 2022.3.0
Arista Cloudvision Portal
265
VMScore
CVE-2008-4164
cron.php in MemHT Portal 3.9.0 and previous versions allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Memht Memht Portal
Memht Memht Portal 3.8.5
Memht Memht Portal 3.6.0
Memht Memht Portal 3.1
Memht Memht Portal 3.4.5
Memht Memht Portal 3.4
1 EDB exploit
445
VMScore
CVE-2004-2511
Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 5.3.2 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) the year, (2) month, and (3) day parameters in calendar.php; (4) the cid and (5) url parameters in index.php; ...
Codeworx Technologies Dcp-portal 5.0.2
Codeworx Technologies Dcp-portal 4.1
Codeworx Technologies Dcp-portal 4.2
Codeworx Technologies Dcp-portal
Codeworx Technologies Dcp-portal 4.5.1
Codeworx Technologies Dcp-portal 5.0.1
Codeworx Technologies Dcp-portal 5.1
Codeworx Technologies Dcp-portal 5.2
Codeworx Technologies Dcp-portal 3.7
Codeworx Technologies Dcp-portal 4.0
Codeworx Technologies Dcp-portal 5.3
Codeworx Technologies Dcp-portal 5.3.1
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »