CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2005-1441
https://notcve.org/view.php?id=CVE-2005-1441
03 May 2005 — Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote attackers to cause a denial of service via the Notes protocol (NRPC). • http://secunia.com/advisories/14879 •
CVSS: 6.1EPSS: 2%CPEs: 1EXPL: 2CVE-2004-2310 – IBM Lotus Domino 6.5.1 - HTTP webadmin.nsf Quick Console Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2004-2310
31 Dec 2004 — Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows remote attackers to inject arbitrary web script or HTML via a Domino command in the Quick Console. • https://www.exploit-db.com/exploits/23837 •
CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 3CVE-2004-2311 – IBM Lotus Domino 6/7 - HTTP webadmin.nsf Directory Traversal
https://notcve.org/view.php?id=CVE-2004-2311
31 Dec 2004 — Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog. • https://www.exploit-db.com/exploits/23836 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2004-2369
https://notcve.org/view.php?id=CVE-2004-2369
31 Dec 2004 — Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command. • http://members.lycos.co.uk/r34ct/main/ibm_lotus_domino/lotus.txt •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2667
https://notcve.org/view.php?id=CVE-2004-2667
31 Dec 2004 — Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. • http://secunia.com/advisories/11925 •
CVSS: 6.1EPSS: 1%CPEs: 8EXPL: 5CVE-2004-1621 – IBM Lotus Domino 6.x - Cross-Site Scripting / HTML Injection
https://notcve.org/view.php?id=CVE-2004-1621
18 Oct 2004 — NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of (1) computed for display, (2) computed when composed, or (3) computed text element fields. NOTE: the vendor has disputed this issue, saying that it is not a problem with Notes/Domino itself, but with the applications that do not properly han... • https://www.exploit-db.com/exploits/24690 •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 2CVE-2004-0668 – IBM Lotus Domino Server 6 - Web Access Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-0668
13 Jul 2004 — Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a denial of service (server crash) via a large e-mail message, as demonstrated using a large image attachment. • https://www.exploit-db.com/exploits/24243 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0669
https://notcve.org/view.php?id=CVE-2004-0669
13 Jul 2004 — Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled, allows remote authenticated users to change their quota by using the IMAP setquota command. • http://marc.info/?l=bugtraq&m=108869022708571&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0029
https://notcve.org/view.php?id=CVE-2004-0029
08 Jan 2004 — Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges. Lotus Notes Domino 6.0.2 para Linux instala el fichero de configuración notes.ini con permisos de escritura para todo el mundo, lo que permite a usuarios locales modificar la configuración de Notes y ganar privilegios. • http://marc.info/?l=bugtraq&m=107340897710308&w=2 •
CVSS: 9.8EPSS: 26%CPEs: 29EXPL: 0CVE-2003-0122
https://notcve.org/view.php?id=CVE-2003-0122
18 Mar 2003 — Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field. Desbordamiento de búfer en el servidor de Lotus Notes R4, R5 anteriores a 5.0.11 y betas de R6 permite a atacantes remotos ejecutar código arbitrario mediante un nombre distinguido (DN) largo durante la autenticación NotesRPC y una longitud ext... • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0125.html •