CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0CVE-2009-0899
https://notcve.org/view.php?id=CVE-2009-0899
03 Jun 2009 — IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.24 and 7.0 through 7.0.0.4, IBM WebSphere Portal Server 5.1 through 6.0, and IBM Integrated Solutions Console (ISC) 6.0.1 do not properly set the IsSecurityEnabled security flag during migration of WebSphere Member Manager (WMM) to Virtual Member Manager (VMM) and a Federated Repository, which allows attackers to obtain sensitive information from repositories via unspecified vectors. IBM WebSphere Application Server (WAS) v6.1 a la v6.1.0.24 y v7.0 a ... • http://www-01.ibm.com/support/docview.wss?uid=swg21375859 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2009-1008
https://notcve.org/view.php?id=CVE-2009-1008
15 Apr 2009 — Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1010. Vulnerabilidad no especificada en el componente Outside In Technology en Oracle Application Server 8.2.2 y 8.3.0 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad, relacionado con HTML, una vulnerabilidad diferente a CVE-200... • http://osvdb.org/53747 •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2009-1009
https://notcve.org/view.php?id=CVE-2009-1009
15 Apr 2009 — Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.1.9 allows local users to affect confidentiality, integrity, and availability, related to HTML. Vulnerabilidad no especificada en el componente Outside In Technology en Oracle Application Server v8.1.9 que permite a los usuarios locales afectar a la confidencialidad, integridad y disponibilidad en relación a HTML. • http://osvdb.org/53748 •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2009-1010
https://notcve.org/view.php?id=CVE-2009-1010
15 Apr 2009 — Unspecified vulnerability in the Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 allows local users to affect confidentiality, integrity, and availability, related to HTML, a different vulnerability than CVE-2009-1008. Vulnerabilidad no especificada en el componente Outside In Technology en Oracle Application Server 8.2.2 y 8.3.0 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad, relacionado con HTML, una vulnerabilidad diferente a CVE-200... • http://osvdb.org/53749 •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2008-5675
https://notcve.org/view.php?id=CVE-2008-5675
18 Dec 2008 — Unspecified vulnerability in IBM WebSphere Portal 6.0 before 6.0.1.5 has unknown impact and attack vectors related to "Access problems with BasicAuthTAI." Vulnerabilidad inespecifica en IBM WebSphere Portal v6.0 anteriores a v6.0.1.5 tiene un impacto desconocido y vectores de ataque relacionados con "problemas de acceso con BasicAuthTAI". • http://secunia.com/advisories/33132 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2008-3423
https://notcve.org/view.php?id=CVE-2008-3423
04 Aug 2008 — IBM WebSphere Portal 5.1 through 6.1.0.0 allows remote attackers to bypass authentication and obtain administrative access via unspecified vectors. IBM WebSphere Portal 5.1 hasta la 6.1.0.0 permite a atacantes remotos saltarse la autenticación y obtener acceso administrativo a través de vectores no especificados. • http://secunia.com/advisories/31443 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 9%CPEs: 1EXPL: 1CVE-2007-3127 – WSPortal 1.0 - 'content.php' SQL Injection
https://notcve.org/view.php?id=CVE-2007-3127
19 Jun 2007 — content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to obtain sensitive information via a "';" (quote semicolon) sequence in the page parameter, which reveals the installation path in the resulting forced SQL error message. content.php de WSPortal 1.0, cuando magic_quotes_gpc está deshabilitado, permite a atacantes remotos obtener información sensible mediante una secuencia "';" (comilla simple, punto y coma) en el parámetro page, lo cual revela la ruta de instalación en ... • https://www.exploit-db.com/exploits/30197 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3128
https://notcve.org/view.php?id=CVE-2007-3128
19 Jun 2007 — SQL injection vulnerability in content.php in WSPortal 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter. Vulnerabilidad de inyección SQL en content.php de WSPortal 1.0, cuando magic_quotes_gpc está deshabilitado, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro page. • http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0369.html •