Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2014/09/05 12:0 a.m.28 views

IBM WebSphere Portal 7.0.0.x Unified Task List Portlet < 6.0.1 Multiple Vulnerabilities (PI18909)

The version of IBM WebSphere Portal on the remote host is affected by multiple vulnerabilities in the Unified Task List UTL portlet : - An unspecified open redirect vulnerability exists that allows a remote attacker to perform a phishing attack by enticing a user to click a malicious URL...

7.5CVSS6.1AI score0.02072EPSS
Exploits0References6
NVD
NVD
added 2014/07/29 8:55 p.m.25 views

CVE-2014-3057

Cross-site scripting XSS vulnerability in the Unified Task List UTL Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.3CVSS5.5AI score0.01792EPSS
Exploits0References5
NVD
NVD
added 2014/07/29 8:55 p.m.19 views

CVE-2014-3055

SQL injection vulnerability in the Unified Task List UTL Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.2AI score0.01946EPSS
Exploits0References4
Prion
Prion
added 2014/07/29 8:55 p.m.16 views

Open redirect

Multiple open redirect vulnerabilities in the Unified Task List UTL Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

5.8CVSS7.2AI score0.01822EPSS
Exploits0References4Affected Software2
Prion
Prion
added 2014/07/29 8:55 p.m.26 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Unified Task List UTL Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

4.3CVSS5.9AI score0.01792EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2014/07/29 8:0 p.m.28 views

CVE-2014-3057

Cross-site scripting XSS vulnerability in the Unified Task List UTL Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

5.5AI score0.01792EPSS
Exploits0References5
Cvelist
Cvelist
added 2014/07/29 8:0 p.m.27 views

CVE-2014-3054

Multiple open redirect vulnerabilities in the Unified Task List UTL Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

6.7AI score0.01822EPSS
Exploits0References4
CVE
CVE
added 2014/07/29 8:0 p.m.49 views

CVE-2014-3054

CVE-2014-3054 refers to multiple open redirects in the Unified Task List (UTL) Portlet of IBM WebSphere Portal 7.x and 8.x up to 8.0.0.1 CF12. The open redirect flaw could allow remote attackers to redirect users to arbitrary sites and potentially facilitate phishing via unspecified vectors. Conn...

5.8CVSS6.9AI score0.01822EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2014/07/29 8:0 p.m.50 views

CVE-2014-3057

The CVE-2014-3057 entry affects IBM WebSphere Portal 7.x and 8.x (up to 8.0.0.1 CF12) via the Unified Task List (UTL) Portlet. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML through a crafted URL. Exploitation details, af...

4.3CVSS5.7AI score0.01792EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2014/07/29 8:0 p.m.62 views

CVE-2014-3055

CVE-2014-3055 is described in public sources as an SQL injection vulnerability in the Unified Task List Portlet of IBM WebSphere Portal 7.x and 8.x up to 8.0.0.1 CF12 . The vulnerability affects the portlet itself and allows remote attackers to execute arbitrary SQL commands via unspecified vecto...

7.5CVSS8.4AI score0.01946EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2014/07/29 8:0 p.m.51 views

CVE-2014-3056

CVE-2014-3056: Affected product is IBM WebSphere Portal Unified Task List (UTL) Portlet on WebSphere Portal 7.x and 8.x up to 8.0.0.1 CF12. The issue is information disclosure exposing environment variables and certain JAR versions via unspecified vectors. This is an information disclosure vulner...

5CVSS6.2AI score0.02072EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder