Vulnerabilities > Peoplesoft > Peopletools > 8.10
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-12-15 | CVE-2003-0950 | Unspecified vulnerability in Peoplesoft Peopletools PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file. | 7.5 |
2003-12-15 | CVE-2003-0629 | Unspecified vulnerability in Peoplesoft Peopletools Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript. network peoplesoft | 4.3 |
2003-12-15 | CVE-2003-0628 | Unspecified vulnerability in Peoplesoft Peopletools PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value. | 5.0 |
2003-11-13 | CVE-2003-0626 | Directory Traversal vulnerability in PeopleSoft PeopleBooks psdoccgi.exe psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments. | 5.0 |
2003-03-18 | CVE-2003-0104 | Remote Command Execution vulnerability in PeopleSoft PeopleTools SchedulerTransfer Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet. | 5.0 |