4 results (0.016 seconds)

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1

Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot. • http://www.securityfocus.com/archive/1/311660 http://www.securityfocus.com/archive/1/311806 http://www.securityfocus.com/bid/6841 https://exchange.xforce.ibmcloud.com/vulnerabilities/11311 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0

Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script. • http://www.iss.net/security_center/static/6789.php http://www.kb.cert.org/vuls/id/642239 http://www.osvdb.org/1887 http://www.securityfocus.com/archive/1/194465 http://www.securityfocus.com/archive/1/194609 http://www.securityfocus.com/bid/2962 •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands. • http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21085603 http://www.kb.cert.org/vuls/id/176972 https://exchange.xforce.ibmcloud.com/vulnerabilities/6591 •

CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 3

Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack. • https://www.exploit-db.com/exploits/20529 https://www.exploit-db.com/exploits/20530 http://www.osvdb.org/1703 http://www.securityfocus.com/archive/1/154537 http://www.securityfocus.com/archive/1/155124 http://www.securityfocus.com/bid/2173 https://exchange.xforce.ibmcloud.com/vulnerabilities/5899 •