CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2013-4050
https://notcve.org/view.php?id=CVE-2013-4050
Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad CSRF en webadmin.nsf en Domino Web Administrator de IBM Domino 8.5 y 9.0 permite a usuarios remotos autenticados secuestrar la autenticación de víctimas sin especificar a través de vectores desconocidos. • http://www-01.ibm.com/support/docview.wss?uid=swg21652988 https://exchange.xforce.ibmcloud.com/vulnerabilities/86433 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5388
https://notcve.org/view.php?id=CVE-2013-5388
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK5F. Vulnerabilidad de XSS en iNotes en IBM Domino 8.5.3 anterior a FP5 IF2 y 9.0 anterior a IF5 permite a atacantes remotos inyectar script web arbitrario o HTML a través de vectores sin especificar, aka SPR PTHN9AYK5F. • http://www-01.ibm.com/support/docview.wss?uid=swg21653149 https://exchange.xforce.ibmcloud.com/vulnerabilities/87123 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5389
https://notcve.org/view.php?id=CVE-2013-5389
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK2X. Vulnerabilidad de XSS en iNotes de IBM Domino 8.5.3 anterior a FP5 IF2 y 9.0 anterior a IF5 permite a atacantes remotos inyectar script web arbitrario o HTML a través de vectores sin especificar, aka SPR PTHN9AYK2X. • http://www-01.ibm.com/support/docview.wss?uid=swg21653149 https://exchange.xforce.ibmcloud.com/vulnerabilities/87125 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 2%CPEs: 7EXPL: 0CVE-2013-4068
https://notcve.org/view.php?id=CVE-2013-4068
Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8. Desbordamiento de buffer en iNotes en IBM Domino 8.5.3 anterior a FP5 IF1 y 9.0 anterior a IF4 permite a los usuarios remotos autenticados ejecutar código arbitrario a través de vectores no especificados, también conocido como SPR PTHN9ADPA8. • http://www-01.ibm.com/support/docview.wss?uid=swg21649476 http://www-01.ibm.com/support/docview.wss?uid=swg21650034 http://www-01.ibm.com/support/docview.wss?uid=swg21650146 https://exchange.xforce.ibmcloud.com/vulnerabilities/86599 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 94%CPEs: 1EXPL: 0CVE-2013-3027 – IBM Lotus iNotes ActiveX Control Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3027
Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW. Desbordamiento de entero en el control ActiveX DWA9W en iNotes en IBM Domino v9.0 anterior a IF3 permite a atacantes remotos ejecutar código arbitrario a través de una página web diseñada, también conocido como SPR PTHN97XHFW. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus iNotes. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of user provided input in ActiveX controls. An integer overflow exists which leads to a heap buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21644599 http://www-01.ibm.com/support/docview.wss?uid=swg21645503 https://exchange.xforce.ibmcloud.com/vulnerabilities/84381 • CWE-189: Numeric Errors •