Ibm Websphere Portal vulnerabilities

126 known vulnerabilities affecting ibm/websphere_portal.

Total CVEs
126
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH15MEDIUM95LOW15

Vulnerabilities

Page 7 of 7
CVE-2009-1008MEDIUMCVSS 4.4v6.0.0.0v6.0.1.0+4 more2009-04-15
CVE-2009-1008 [MEDIUM] CVE-2009-1008: Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010.
nvd
CVE-2009-1009MEDIUMCVSS 4.4v6.0.0.0v6.0.1.0+4 more2009-04-15
CVE-2009-1009 [MEDIUM] CVE-2009-1009: Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML.
nvd
CVE-2008-5675CRITICALCVSS 10.0≤ 6.0.1.4v6.0.0.0+4 more2008-12-19
CVE-2008-5675 [CRITICAL] CWE-264 CVE-2008-5675: Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack v Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI."
nvd
CVE-2008-3423HIGHCVSS 7.5v5.1.0.0v5.1.0.1+9 more2008-08-04
CVE-2008-3423 [HIGH] CWE-264 CVE-2008-3423: IBM WebSphere Portal 5.1 through 6.1.0.0 allows remote attackers to bypass authentication and obtain IBM WebSphere Portal 5.1 through 6.1.0.0 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors.
nvd
CVE-2007-3127MEDIUMCVSS 5.0PoCv1.02007-06-19
CVE-2007-3127 [MEDIUM] CVE-2007-3127: content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to obtain se content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to obtain sensitive information via a "';" (quote semicolon) sequence in the page parameter, which reveals the installation path in the resulting forced SQL error message.
nvd
CVE-2007-3128MEDIUMCVSS 6.4v1.02007-06-19
CVE-2007-3128 [MEDIUM] CVE-2007-3128: SQL injection vulnerability in content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allow SQL injection vulnerability in content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter.
nvd
← Previous7 / 7