Page 5 of 36 results (0.012 seconds)

CVSS: 5.0EPSS: 3%CPEs: 9EXPL: 0

Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote attackers to cause a denial of service via the Notes protocol (NRPC). • http://secunia.com/advisories/14879 http://securitytracker.com/id?1013842 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202525 http://www.osvdb.org/15366 http://www.securityfocus.com/bid/13446 https://exchange.xforce.ibmcloud.com/vulnerabilities/20043 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2

Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows remote attackers to inject arbitrary web script or HTML via a Domino command in the Quick Console. • https://www.exploit-db.com/exploits/23837 http://members.lycos.co.uk/r34ct/main/ibm_lotus_domino/lotus.txt http://secunia.com/advisories/11143 http://www.osvdb.org/4306 http://www.securityfocus.com/bid/9901 https://exchange.xforce.ibmcloud.com/vulnerabilities/15502 •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 2

Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command. • http://members.lycos.co.uk/r34ct/main/ibm_lotus_domino/lotus.txt http://secunia.com/advisories/11143 http://www.securityfocus.com/bid/9900 https://exchange.xforce.ibmcloud.com/vulnerabilities/15503 https://exchange.xforce.ibmcloud.com/vulnerabilities/15504 •

CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 3

Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog. • https://www.exploit-db.com/exploits/23836 http://members.lycos.co.uk/r34ct/main/ibm_lotus_domino/lotus.txt http://secunia.com/advisories/11143 http://www.securityfocus.com/bid/9900 https://exchange.xforce.ibmcloud.com/vulnerabilities/15504 •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. • http://secunia.com/advisories/11925 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21171253 http://www.osvdb.org/displayvuln.php?osvdb_id=7268 •