Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
liferay liferay enterprise portal vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2009-3742
Cross-site scripting (XSS) vulnerability in Liferay Portal prior to 5.3.0 allows remote malicious users to inject arbitrary web script or HTML via the p_p_id parameter.
Liferay Liferay Portal
4.3
CVSSv2
CVE-2009-1294
Multiple cross-site scripting (XSS) vulnerabilities in web/guest/home in the Liferay 4.3.0 portal in Novell Teaming 1.0 through SP3 (1.0.3) allow remote malicious users to inject arbitrary web script or HTML via the (1) p_p_state or (2) p_p_mode parameters.
Novell Teaming 1.0
Novell Teaming 1.0.1
Novell Teaming 1.0.2
Novell Teaming 1.0.3
Liferay Liferay Enterprise Portal 4.3.0
1 EDB exploit
4.3
CVSSv2
CVE-2008-0178
Cross-site scripting (XSS) vulnerability in the Enterprise Admin Session Monitoring component in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the User-Agent HTTP header.
Liferay Liferay Enterprise Portal 4.3.6
1 EDB exploit
4.3
CVSSv2
CVE-2008-0180
Cross-site scripting (XSS) vulnerability in themes/_unstyled/templates/init.vm in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Greeting field in a User Profile.
Liferay Liferay Enterprise Portal 3.6.1
Liferay Liferay Enterprise Portal 4.3.1
Liferay Liferay Enterprise Portal 2.1.0
Liferay Liferay Enterprise Portal
Liferay Liferay Enterprise Portal 2.1.1
Liferay Liferay Enterprise Portal 1.0
Liferay Liferay Enterprise Portal 2.2.0
Liferay Liferay Enterprise Portal 4.1.3
Liferay Liferay Enterprise Portal 4.1
Liferay Liferay Enterprise Portal 2.0
Liferay Liferay Enterprise Portal 4.3.6
Liferay Liferay Enterprise Portal 4.1.1
4.3
CVSSv2
CVE-2008-0181
Cross-site scripting (XSS) vulnerability in the Admin portlet in Liferay Portal 4.3.6 allows remote authenticated users to inject arbitrary web script or HTML via the Shutdown message.
Liferay Liferay Enterprise Portal 4.3.6
4.3
CVSSv2
CVE-2008-0182
Cross-site request forgery (CSRF) vulnerability in the Admin portlet in Liferay Portal prior to 4.4.0 allows remote authenticated users to perform unspecified actions as unspecified other authenticated users via the Shutdown message.
Liferay Liferay Enterprise Portal
4.3
CVSSv2
CVE-2008-0563
Cross-site request forgery (CSRF) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote malicious users to perform unspecified actions as unspecified authenticated users via the User-Agent HTTP header, which is used when composing Forgot Pa...
Liferay Liferay Enterprise Portal 4.3.6
4.3
CVSSv2
CVE-2007-6173
Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows remote malicious users to inject arbitrary web script or HTML via the emailAddress parameter in a Send New Password action, a different vector than CVE-2007-6055. NOTE: some of th...
Liferay Liferay Enterprise Portal 4.3.1
1 EDB exploit
4.3
CVSSv2
CVE-2005-4400
Cross-site scripting (XSS) vulnerability in downloads/portal_ent in Liferay Portal Enterprise 3.6.1 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the (1) _77_struts_action, (2) p_p_mode, and (3) p_p_state parameters.
Liferay Liferay Portal Enterprise
1 EDB exploit
4.3
CVSSv2
CVE-2004-2030
Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for Liferay prior to 2.2.0 release 10/1/2004 allow remote malicious users to inject arbitrary web script or HTML, as demonstrated using the message subject.
Liferay Liferay Enterprise Portal
Liferay Liferay Enterprise Portal 2.1.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »