Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Lotus_domino
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 88 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-08-27 | CVE-2013-0590 | Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591. | Lotus_domino, Lotus_inotes | N/A | ||
| 2013-03-27 | CVE-2013-0489 | Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote authenticated users to hijack the authentication of administrators. | Lotus_domino | N/A | ||
| 2013-03-27 | CVE-2013-0488 | Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM Domino 8.5.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Lotus_domino | N/A | ||
| 2013-03-27 | CVE-2013-0487 | The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentials by leveraging knowledge of configuration details, aka SPR KLYH8TNNDN. | Lotus_domino | N/A | ||
| 2013-03-27 | CVE-2013-0486 | Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of service (memory consumption and daemon crash) via GET requests, aka SPR KLYH92NKZY. | Lotus_domino | N/A | ||
| 2013-02-27 | CVE-2012-4844 | Cross-site scripting (XSS) vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Lotus_domino | N/A | ||
| 2013-02-27 | CVE-2012-4842 | Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | Lotus_domino | N/A | ||
| 2012-08-21 | CVE-2012-3302 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Domino 7.x and 8.x before 8.5.4 allow remote attackers to inject arbitrary web script or HTML via (1) a URL accessed during use of the Mail template in the WebMail UI or (2) a URL accessed during use of Domino Help through the Domino HTTP server. | Lotus_domino | N/A | ||
| 2012-08-21 | CVE-2012-3301 | Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving (1) Mozilla Firefox 3.0.9 and earlier or (2) unspecified browsers. | Lotus_domino | N/A | ||
| 2011-09-19 | CVE-2011-3576 | Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 allows remote attackers to inject arbitrary web script or HTML via the PanelIcon parameter in an fmpgPanelHeader ReadForm action to WebAdmin.nsf. | Lotus_domino | N/A |