CVE-2011-2754
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2011-2754
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page Builder) theme in IBM WebSphere Portal 7.x before 7.0.0.1 CF006, as used in IBM Web Content Manager (WCM) and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
IBM WebSphere Portal PageBuilder2跨站脚本攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM WebSphere Portal是美国IBM公司的一套企业门户软件。该软件能够创建一个联接企业内部和外部的平台,可让员工、客户和供应商等通过该平台访问企业内部数据。 在IBM Web Content Manager (WCM)和其他产品中使用的IBM WebSphere Portal 7.0.0.1 CF006之前的7.x版本中的PageBuilder2(Page Builder)theme中存在跨站脚本攻击漏洞。远程攻击者可借助未明向量注入任意web脚本或HTML.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2011-2754
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2011-2754
请登录查看更多情报信息。
- http://www.ibm.com/support/docview.wss?uid=swg21503959x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2011-2754
Same Patch Batch · n/a · 2011-07-17 · 17 CVEs total
| CVE-2011-2501 | libpng pngerror.c png_format_buffer函数设计错误漏洞 | |
| CVE-2011-2690 | libpng缓冲区错误漏洞 | |
| CVE-2011-2691 | libpng pngerror.c png_err函数拒绝服务漏洞 | |
| CVE-2011-2692 | libpng pngrutil.c png_handle_sCAL函数缓冲区错误漏洞 | |
| CVE-2011-1222 | IBM Tivoli Storage Manager客户端JBB缓冲区溢出漏洞 | |
| CVE-2011-1223 | IBM Tivoli Storage Manager客户端ADS缓冲区溢出漏洞 | |
| CVE-2011-2750 | Novell File Reporter NFRAgent.exe任意文件删除漏洞 | |
| CVE-2011-2751 | Parodia SQL注入漏洞 | |
| CVE-2011-2752 | SquirrelMail CRLF注入漏洞 | |
| CVE-2011-2753 | SquirrelMail多个跨站请求伪造漏洞 | |
| CVE-2011-2755 | ManageEngine ServiceDesk FileDownload.jsp目录遍历漏洞 | |
| CVE-2011-2756 | ManageEngine ServiceDesk FileDownload.jsp授权问题漏洞 | |
| CVE-2011-2757 | ManageEngine ServiceDesk FileDownload.jsp目录遍历漏洞 | |
| CVE-2011-2758 | IBM Tivoli Directory Server Administration Tool IDSWebApp敏感信息泄露漏洞 | |
| CVE-2011-2759 | IBM Tivoli Directory Server Web Administration Tool IDSWebApp登录页面访问漏洞 | |
| CVE-2011-2760 | Brocade BigIron RX交换机ACL安全绕过漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2011-2754
No comments yet