Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Infovista Subscribe
Total 28 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-19812 1 Infovista 1 Vistaportal 2019-01-02 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SubFolderPackages.jsp" has reflected XSS via the GroupId parameter.
CVE-2018-19811 1 Infovista 1 Vistaportal 2019-01-02 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Import.jsp" has reflected XSS via the ConnPoolName parameter.
CVE-2018-19770 1 Infovista 1 Vistaportal 2019-01-02 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Users.jsp" has reflected XSS via the ConnPoolName parameter.
CVE-2018-19772 1 Infovista 1 Vistaportal 2019-01-02 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters.
CVE-2018-19774 1 Infovista 1 Vistaportal 2019-01-02 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the GroupId and ConnPoolName parameters.
CVE-2018-19775 1 Infovista 1 Vistaportal 2019-01-02 4.3 MEDIUM 6.1 MEDIUM
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Variables.jsp" has reflected XSS via the ConnPoolName and GroupId parameters.
CVE-2006-0863 1 Infovista 1 Portalse 2018-10-18 5.0 MEDIUM N/A
InfoVista PortalSE 2.0 Build 20087 on Solaris 8 allows remote attackers to obtain sensitive information by specifying a nonexistent server in the server field, which reveals the path in an error message.
CVE-2006-0862 1 Infovista 1 Portalse 2018-10-18 5.0 MEDIUM N/A
Unspecified vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 without the IV00038969 hotfix allows remote attackers to read arbitrary files via a crafted URL.