CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 0CVE-2003-0629
https://notcve.org/view.php?id=CVE-2003-0629
Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el entorno PeopleSoft IScript de PeopleTools 8.43 y anteriores permite a atacantes remotos insertar script web arbitrario mediante ciertas peticiones HTTP a IScript. • http://marc.info/?l=bugtraq&m=106874146204158&w=2 •
CVSS: 5.0EPSS: 0%CPEs: 16EXPL: 0CVE-2003-0626
https://notcve.org/view.php?id=CVE-2003-0626
psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments. • http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0042.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013652.html http://www.auscert.org.au/render.html?it=3610 http://www.secunia.com/advisories/10225 http://www.securityfocus.com/bid/9037 https://exchange.xforce.ibmcloud.com/vulnerabilities/13754 •
CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 0CVE-2003-0104
https://notcve.org/view.php?id=CVE-2003-0104
Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet. • http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21999 http://www.iss.net/security_center/static/10962.php http://www.securityfocus.com/bid/7053 •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2002-1252
https://notcve.org/view.php?id=CVE-2002-1252
The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as used in various PeopleSoft products, allows remote attackers to read arbitrary files via certain XML External Entities (XXE) fields in an HTTP POST request that is processed by the SimpleFileHandler handler. La Pasarela de Mensajeria de Aplicaciones de PeopleTools 8.1x anterior a 8.19, usada en varios productos de PeopleSoft, permite a atacantes remotos leer ficheros arbitrarios mediante ciertos campos de entidades externas XML (XEE) en una petición HTTP POST que es procesada por el manejador SimpleFileHandler • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21811 http://www.iss.net/security_center/static/10520.php http://www.securityfocus.com/bid/6647 •