Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere portal 7.0.0.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-6093
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x prior to 7.0.0.2 CF29, 8.0.x up to and including 8.0.0.1 CF14, and 8.5.x prior to 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
NA
CVE-2012-2181
Directory traversal vulnerability in the Dojo module in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF14, and 8.0, allows remote malicious users to read arbitrary files via a crafted URL.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0
NA
CVE-2012-4834
Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote malicious users to read arbitrary files via a crafted URI.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
NA
CVE-2014-3102
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.0 up to and including 7.0.0.2 CF28 and 8.0.0 prior to 8.0.0.1 CF13 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
7.8
CVSSv3
CVE-2013-2951
IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621.
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 8.0.0.0
NA
CVE-2013-5379
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.x prior to 7.0.0.2 CF25 and 8.x prior to 8.0.0.1 CF8 allows remote authenticated users to inject arbitrary web script or HTML by leveraging improper tagging functionality.
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
NA
CVE-2013-6316
IBM WebSphere Portal 7.0.0.x prior to 7.0.0.2 CF26 and 8.0.0.x prior to 8.0.0.1 CF09 does not properly handle content-selection changes during Taxonomy component rendering, which allows remote malicious users to obtain sensitive property information in opportunistic circumstances...
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 7.0.0.0
NA
CVE-2011-2173
The implementation of OutputMediator objects in IBM WebSphere Portal 6.0.1.7, and 7.0.0.1 before CF002, allows remote authenticated users to cause a denial of service (memory consumption) via requests.
Ibm Websphere Portal 6.0.1.7
Ibm Websphere Portal 7.0.0.1
NA
CVE-2013-0549
Cross-site scripting (XSS) vulnerability in the Web Content Manager - Web Content Viewer Portlet in the server in IBM WebSphere Portal 7.0.0.x up to and including 7.0.0.2 CF22 and 8.0.0.x up to and including 8.0.0.1 CF5, when the IBM Portlet API is used, allows remote malicious u...
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0
Ibm Websphere Portal 8.0.0.1
NA
CVE-2013-6722
Unrestricted file upload vulnerability in the Registration/Edit My Profile portlet in IBM WebSphere Portal 7.x prior to 7.0.0.2 CF27 and 8.x up to and including 8.0.0.1 CF09 allows remote malicious users to cause a denial of service or modify data via unspecified vectors.
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »