| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-1308 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Installation Verification Test (IVT) application in the Install component in IBM WebSphere Application Server (WAS) before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via uns
|
17-08-2017 - 01:34 | 08-03-2011 - 21:59 | |
| CVE-2011-0315 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web Container component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 allows remote attackers to inject arbitrary web script or HTML via vectors
|
17-08-2017 - 01:33 | 12-01-2011 - 01:00 | |
| CVE-2011-0316 | 5.0 |
The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict access to console servlets, which allows remote attackers to obtain potentially sensitive status inf
|
17-08-2017 - 01:33 | 12-01-2011 - 01:00 | |
| CVE-2011-1307 | 2.1 |
The installer in IBM WebSphere Application Server (WAS) before 7.0.0.15 uses 777 permissions for a temporary log directory, which allows local users to have unintended access to log files via standard filesystem operations, a different vulnerability
|
21-04-2011 - 04:00 | 08-03-2011 - 21:59 | |
| CVE-2011-1309 | 7.5 |
The Plug-in component in IBM WebSphere Application Server (WAS) before 7.0.0.15 does not properly handle trace requests, which has unspecified impact and attack vectors.
|
07-04-2011 - 04:00 | 08-03-2011 - 21:59 |