Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
websphere portal vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2009-4153
Unspecified vulnerability in the XMLAccess component in IBM WebSphere Portal 6.1.x prior to 6.1.0.3 has unknown impact and attack vectors, related to the work directory.
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 6.1.0.2
668
VMScore
CVE-2008-3423
IBM WebSphere Portal 5.1 up to and including 6.1.0.0 allows remote malicious users to bypass authentication and obtain administrative access via unspecified vectors.
Ibm Websphere Portal 5.1.0.1
Ibm Websphere Portal 5.1.0.2
Ibm Websphere Portal 6.0.1.3
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 5.1.0.0
Ibm Websphere Portal 6.0.0.1
Ibm Websphere Portal 6.0.1.1
Ibm Websphere Portal 5.1.0.5
Ibm Websphere Portal 6.0.0.0
Ibm Websphere Portal 5.1.0.3
Ibm Websphere Portal 5.1.0.4
632
VMScore
CVE-2014-0918
Directory traversal vulnerability in IBM Eclipse Help System (IEHS) in IBM WebSphere Portal 6.1.0 up to and including 6.1.0.6 CF27, 6.1.5 up to and including 6.1.5.3 CF27, 7.0 up to and including 7.0.0.2 CF27, and 8.0 prior to 8.0.0.1 CF06 allows remote malicious users to read ar...
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 6.1.5.1
Ibm Websphere Portal 6.1.0.5
Ibm Websphere Portal 6.1.0.6
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.1.0.2
Ibm Websphere Portal 6.1.0.3
Ibm Websphere Portal 6.1.0.4
Ibm Websphere Portal 6.1.5.2
Ibm Websphere Portal 6.1.5.3
614
VMScore
CVE-2014-3020
install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.
Ibm Embedded Websphere Application Server 7.0
Ibm Tivoli Integrated Portal 2.2
Ibm Tivoli Integrated Portal 2.1
605
VMScore
CVE-2017-1156
IBM WebSphere Portal 8.5 and 9.0 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect...
Ibm Websphere Portal 9.0
Ibm Websphere Portal 8.5
605
VMScore
CVE-2016-2901
Cross-site request forgery (CSRF) vulnerability in the PA_Theme_Creator application in IBM WebSphere Portal 8.5 CF08 through CF10 and Web Content Manager allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Portal 8.5.0.0
Ibm Web Content Manager
605
VMScore
CVE-2015-5001
IBM WebSphere Portal 6.1.0 up to and including 6.1.0.6 CF27, 6.1.5 up to and including 6.1.5.3 CF27, 7.0.0 up to and including 7.0.0.2 CF29, 8.0.0 prior to 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote authenticated users to cause a denial of service (memory consumption) via ...
Ibm Websphere Portal 6.1.5.2
Ibm Websphere Portal 6.1.5.1
Ibm Websphere Portal 6.1.0.1
Ibm Websphere Portal 6.1.0.0
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
Ibm Websphere Portal 6.1.5.0
Ibm Websphere Portal 6.1.0.6
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 7.0.0.2
Ibm Websphere Portal 7.0.0.1
Ibm Websphere Portal 6.1.0.5
Ibm Websphere Portal 6.1.0.4
Ibm Websphere Portal 7.0.0.0
Ibm Websphere Portal 6.1.5.3
Ibm Websphere Portal 6.1.0.3
Ibm Websphere Portal 6.1.0.2
605
VMScore
CVE-2015-4997
IBM WebSphere Portal 8.5.0 before CF08 allows remote malicious users to bypass intended access restrictions via a crafted request.
Ibm Websphere Portal 8.5.0.0
605
VMScore
CVE-2014-6214
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 up to and including 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Portal 8.0.0.0
Ibm Websphere Portal 8.5.0.0
Ibm Websphere Portal 8.0.0.1
605
VMScore
CVE-2014-6125
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Portal 8.5.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »