CVSS: 5.0EPSS: 0%CPEs: 39EXPL: 0CVE-2012-4834
https://notcve.org/view.php?id=CVE-2012-4834
Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote attackers to read arbitrary files via a crafted URI. Una vulnerabilidad de salto de directorio en LayerLoader.jsp en el componente temático en IBM WebSphere Portal v7.0.0.1 y v7.0.0.2 antes de CF19 y v8.0 antes de CF03 permite a atacantes remotos leer archivos de su elección a través de un URI diseñada para tal fin. • http://secunia.com/advisories/51281 http://www-01.ibm.com/support/docview.wss?uid=swg1PM76354 http://www.ibm.com/connections/blogs/PSIRT/entry/security_vulnerability_in_theme_component_for_websphere_portal_versions_7_0_0_x_and_8_0_cve2012_48344 http://www.ibm.com/support/docview.wss?uid=swg21617713 http://www.ibm.com/support/docview.wss?uid=swg24033155 https://exchange.xforce.ibmcloud.com/vulnerabilities/78914 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2009-1010
https://notcve.org/view.php?id=CVE-2009-1010
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008. Vulnerabilidad no especificada en el componente Outside In Technology en Oracle Application Server 8.2.2 y 8.3.0 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad, relacionado con HTML, una vulnerabilidad diferente a CVE-2009-1008. • http://osvdb.org/53749 http://secunia.com/advisories/34693 http://www-01.ibm.com/support/docview.wss?uid=swg21660640 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •
CVSS: 4.4EPSS: 0%CPEs: 8EXPL: 0CVE-2009-1008
https://notcve.org/view.php?id=CVE-2009-1008
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010. Vulnerabilidad no especificada en el componente Outside In Technology en Oracle Application Server 8.2.2 y 8.3.0 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad, relacionado con HTML, una vulnerabilidad diferente a CVE-2009-1010. • http://osvdb.org/53747 http://secunia.com/advisories/34693 http://www-01.ibm.com/support/docview.wss?uid=swg21660640 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2009-1009
https://notcve.org/view.php?id=CVE-2009-1009
Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML. Vulnerabilidad no especificada en el componente Outside In Technology en Oracle Application Server v8.1.9 que permite a los usuarios locales afectar a la confidencialidad, integridad y disponibilidad en relación a HTML. • http://osvdb.org/53748 http://secunia.com/advisories/34693 http://www-01.ibm.com/support/docview.wss?uid=swg21660640 http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022055 http://www.us-cert.gov/cas/techalerts/TA09-105A.html •