Peopletools@8.10 Security Vulnerabilities and Issues — Peopletools@8.10 CVE List

Lucene search

PeoplesoftPeopletools8.10

5 matches found

CVE•added 2004/09/01 4:0 a.m.•54 views

CVE-2003-0104

Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet.

5CVSS7.2AI score0.01388EPSS

CVE•added 2003/12/15 5:0 a.m.•41 views

CVE-2003-0629

Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript.

4.3CVSS5.9AI score0.00314EPSS

CVE•added 2003/12/15 5:0 a.m.•34 views

CVE-2003-0950

PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file.

7.5CVSS8AI score0.00982EPSS

CVE•added 2005/04/14 4:0 a.m.•31 views

CVE-2003-0626

psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments.

5CVSS6.8AI score0.00763EPSS

CVE•added 2003/12/15 5:0 a.m.•29 views

CVE-2003-0628

PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value.

5CVSS6.7AI score0.00497EPSS