Ibm

Filenet P8 Application Engine

12 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.8

CVE-2010-3473

  • EPSS 0.32%
  • Published 20.09.2010 22:00:04
  • Last modified 11.04.2025 00:51:21

Open redirect vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

4.3

CVE-2009-4999

  • EPSS 0.2%
  • Published 20.09.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-016 allows remote attackers to inject arbitrary web script or HTML via the Name field.

4.3

CVE-2009-5000

  • EPSS 0.2%
  • Published 20.09.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject arbitrary web script or HTML via unspecified parame...

4

CVE-2009-5001

  • EPSS 0.12%
  • Published 20.09.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the default instance security has changed, which might al...

6.4

CVE-2009-5002

  • EPSS 0.22%
  • Published 20.09.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.1-P8AE-FP001 does not record Get Content Failure Audit events, which might allow remote attackers to attempt content access without detection.

4.3

CVE-2010-3470

  • EPSS 0.49%
  • Published 20.09.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 and 4.0.2.x before 4.0.2.7-P8AE-FP007 allow remote attackers to inject arbitrary web script or ...

4.3

CVE-2010-3471

  • EPSS 0.24%
  • Published 20.09.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

Session fixation vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.7-P8AE-FP007 allows remote attackers to hijack web sessions via unspecified vectors.

4.3

CVE-2010-3472

  • EPSS 0.32%
  • Published 20.09.2010 22:00:03
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4

CVE-2006-7242

  • EPSS 0.12%
  • Published 20.09.2010 22:00:02
  • Last modified 11.04.2025 00:51:21

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-001 does not ensure that the AE Administrator role is present for Site Preferences modifications, which allows remote authenticated users to bypass intend...

2.1

CVE-2008-7261

  • EPSS 0.05%
  • Published 20.09.2010 22:00:02
  • Last modified 11.04.2025 00:51:21

The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local users to obtain sensitive information by reading thi...