Peoplesoft Peopletools — known CVE vulnerabilities
Every CVE whose affected-product data names Peoplesoft Peopletools, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2003-0950 — CVSS 7.5 (high): PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient…
CVE-2003-0104 — CVSS 5.0 (medium): Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via…
CVE-2003-0626 — CVSS 5.0 (medium): psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2)…
CVE-2003-0627 — CVSS 5.0 (medium): psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to cause a denial of service (application crash), possibly…
CVE-2003-0628 — CVSS 5.0 (medium): PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the…
CVE-2002-1252 — CVSS 5.0 (medium): The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as used in various PeopleSoft products, allows remote attackers to read…
CVE-2003-0629 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to…
CVE-2006-0584 — CVSS 2.1 (low): The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS #5 with a fixed DES key to store user passwords, which makes it easier for…