CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2667
https://notcve.org/view.php?id=CVE-2004-2667
Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. • http://secunia.com/advisories/11925 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21171253 http://www.osvdb.org/displayvuln.php?osvdb_id=7268 •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 5CVE-2004-1621 – IBM Lotus Domino 6.x - Cross-Site Scripting / HTML Injection
https://notcve.org/view.php?id=CVE-2004-1621
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of (1) computed for display, (2) computed when composed, or (3) computed text element fields. NOTE: the vendor has disputed this issue, saying that it is not a problem with Notes/Domino itself, but with the applications that do not properly handle this feature • https://www.exploit-db.com/exploits/24690 http://marc.info/?l=bugtraq&m=109812960023736&w=2 http://marc.info/?l=bugtraq&m=109841682529328&w=2 http://secunia.com/advisories/12891 http://securitytracker.com/id?1011779 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21187833 http://www.kb.cert.org/vuls/id/404382 http://www.securityfocus.com/bid/11458 https://exchange.xforce.ibmcloud.com/vulnerabilities/17758 •
CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 2CVE-2004-0668 – IBM Lotus Domino Server 6 - Web Access Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-0668
Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a denial of service (server crash) via a large e-mail message, as demonstrated using a large image attachment. • https://www.exploit-db.com/exploits/24243 http://marc.info/?l=bugtraq&m=108871093704307&w=2 http://www.securityfocus.com/bid/10641 https://exchange.xforce.ibmcloud.com/vulnerabilities/16596 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0669
https://notcve.org/view.php?id=CVE-2004-0669
Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled, allows remote authenticated users to change their quota by using the IMAP setquota command. • http://marc.info/?l=bugtraq&m=108869022708571&w=2 http://www.securityfocus.com/bid/10642 https://exchange.xforce.ibmcloud.com/vulnerabilities/16575 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0029
https://notcve.org/view.php?id=CVE-2004-0029
Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges. Lotus Notes Domino 6.0.2 para Linux instala el fichero de configuración notes.ini con permisos de escritura para todo el mundo, lo que permite a usuarios locales modificar la configuración de Notes y ganar privilegios. • http://marc.info/?l=bugtraq&m=107340897710308&w=2 http://secunia.com/advisories/10566 http://www.excluded.org/advisories/advisory05.txt http://www.osvdb.org/3424 http://www.securityfocus.com/bid/9366 http://www.securitytracker.com/id?1008623 https://exchange.xforce.ibmcloud.com/vulnerabilities/14153 •