Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Websphere Portal  Security Vulnerabilities
CVE-2015-1921
Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
CVSS Score
6.4
EPSS Score
0.002
Published
2015-05-25
CVE-2015-1899
IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.007
Published
2015-05-25
CVE-2015-1908
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05, as used in Web Content Manager and other products, allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
4.3
EPSS Score
0.002
Published
2015-04-27
CVE-2015-1886
The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.
CVSS Score
7.8
EPSS Score
0.021
Published
2015-04-27
CVE-2015-0177
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
3.5
EPSS Score
0.002
Published
2015-03-13
CVE-2015-0139
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
3.5
EPSS Score
0.002
Published
2015-03-13
CVE-2014-6214
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVSS Score
6.8
EPSS Score
0.001
Published
2015-03-13
CVE-2014-8909
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF29, 8.0.0.x before 8.0.0.1 CF15, and 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
3.5
EPSS Score
0.002
Published
2015-02-13
CVE-2014-8902
Cross-site scripting (XSS) vulnerability in the Blog Portlet in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 through 8.0.0.1 CF14, and 8.5.0 before CF04 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-12-19
CVE-2014-6193
IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, when the Managed Pages setting is enabled, allows remote authenticated users to write to pages via an XML injection attack.
CVSS Score
4.9
EPSS Score
0.003
Published
2014-12-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved