CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2009-5060
https://notcve.org/view.php?id=CVE-2009-5060
22 Mar 2011 — Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by accessing an entry in a calendar, aka SPR MZHA7SEBJX. Vulnerabilidad no especificada en IBM Lotus Quickr v8.1 anterior a v8.1.0.11, servicios para Lotus Domino podría permitir a usuarios remotos autenticados causar una denegación de servicio (caída del demonio) mediante el acceso a una entrada en un calendario, también conocido como... • http://www-01.ibm.com/support/docview.wss?uid=swg27013341 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2009-5061
https://notcve.org/view.php?id=CVE-2009-5061
22 Mar 2011 — Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service (daemon crash) by going offline, aka SPR MLZG7UPB9N. Vulnerabilidad no especificada en IBM Lotus Quickr 8.1 anteriores a 8.1.0.14 services para Lotus Domino, cuando la autenticación nativa de Domino está activada, podría permitir a usuarios remotos autenticados provocar una denegación de servicio (caída ... • http://www-01.ibm.com/support/docview.wss?uid=swg27013341 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2009-5062
https://notcve.org/view.php?id=CVE-2009-5062
22 Mar 2011 — IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9. UsIBM Lotus Quickr 8.1 anteriores a la versión 8.1.0.15 services para Lotus Domino en AIX permite a usuarios remotos autenticados provocar una denegación de servicio (caída del demonio) mediante la suscripción de un feed Atom. También conocido como SPR JRIE7VKMP9. • http://www-01.ibm.com/support/docview.wss?uid=swg27013341 • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 2%CPEs: 77EXPL: 3CVE-2010-0714 – IBM (Multiple Products) - Login Page Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-0714
26 Feb 2010 — Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string. Vulnerabilidad de ejecución de secuencias de comandos en s... • https://www.exploit-db.com/exploits/33675 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 77EXPL: 1CVE-2010-0715
https://notcve.org/view.php?id=CVE-2010-0715
26 Feb 2010 — Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string. Vulnerabilidad de redireccionamiento dir... • http://www-01.ibm.com/support/docview.wss?uid=swg21421469 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3453
https://notcve.org/view.php?id=CVE-2009-3453
29 Sep 2009 — Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt file in a Lotus Quickr place, related to the Library template. Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en IBM Lotus Quickr v8.1.0 servicios para WebSphere Portal permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del nom... • http://osvdb.org/58384 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2008-4505
https://notcve.org/view.php?id=CVE-2008-4505
09 Oct 2008 — Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) might allow attackers to cause a denial of service (system crash) via a "nonstandard URL argument" to the OpenDocument command. NOTE: due to lack of details from the vendor, it is not clear whether this is a vulnerability. Vulnerabilidad inespecifica en IBM Lotus Quickr v8.1 anterior al parche 1 (v8.1.0.1) que permite a atacantes producir una denegación de servicio (caida del sistema) a través de un argumento URL no estandar al co... • http://secunia.com/advisories/32098 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2008-4506
https://notcve.org/view.php?id=CVE-2008-4506
09 Oct 2008 — Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to "demote or delete a place superuser group" via unknown vectors. Una vulnerabilidad no especificada en Lotus Quickr de IBM versiones 8.1 anteriores al Fixpack 1 (8.1.0.1), permite a un administrador de lugares "demote or delete a place superuser group" por medio de vectores desconocidos. • http://secunia.com/advisories/32098 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2008-4507
https://notcve.org/view.php?id=CVE-2008-4507
09 Oct 2008 — Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors. Vulnerabilidad no especificada en IBM Lotus Quickr 8.1 anterior a Fix pack 1 (8.1.0.1) permite a los editores borrar paginas que fueron creadas por un autor diferente mediante vectores desconocidos. • http://secunia.com/advisories/32098 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2008-3860
https://notcve.org/view.php?id=CVE-2008-3860
29 Aug 2008 — Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local group creation, (3) during HTML redirects, (4) in the HTML import, (5) in the Rich text editor, and (6) in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inject arbitrary web script or HTML via unknown vectors, including (7) the Imported Page. NOTE: the vulnerability in the WYSIWYG editors may exist because of an incomplete fix for CVE-2008-2163. Múltiples ... • http://osvdb.org/49772 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •