Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
IbmFilenet P8 Application Engine

8 matches found

CVE
CVEadded 2010/09/20 10:0 p.m.38 views

CVE-2009-4999

Cross-site scripting (XSS) vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-016 allows remote attackers to inject arbitrary web script or HTML via the Name field.

4.3CVSS5.7AI score0.00202EPSS
CVE
CVEadded 2010/09/20 10:0 p.m.35 views

CVE-2010-3472

Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.7AI score0.00321EPSS
CVE
CVEadded 2010/09/20 10:0 p.m.34 views

CVE-2009-5001

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might allow remote authenticated users to bypass intended...

4CVSS6.2AI score0.00121EPSS
CVE
CVEadded 2010/09/20 10:0 p.m.32 views

CVE-2006-7241

The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-002 removes a user from an ACL when the user is denied all permissions for an annotation, which might allow remote authenticated users to bypass intended access restrictions in opportunistic circumstances.

4CVSS6.2AI score0.00092EPSS
CVE
CVEadded 2010/09/20 10:0 p.m.32 views

CVE-2010-3470

Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 and 4.0.2.x before 4.0.2.7-P8AE-FP007 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.7AI score0.0049EPSS
CVE
CVEadded 2010/09/20 10:0 p.m.32 views

CVE-2010-3471

Session fixation vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.7-P8AE-FP007 allows remote attackers to hijack web sessions via unspecified vectors.

4.3CVSS6.6AI score0.00236EPSS
CVE
CVEadded 2010/09/20 10:0 p.m.31 views

CVE-2009-5000

Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to .jsp pages.

4.3CVSS5.7AI score0.00202EPSS
CVE
CVEadded 2010/09/20 10:0 p.m.28 views

CVE-2006-7242

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-001 does not ensure that the AE Administrator role is present for Site Preferences modifications, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.

4CVSS6.1AI score0.00121EPSS