Lotus Domino Security Vulnerabilities and Issues — Lotus Domino CVE List

Lucene search

IbmLotus Domino

4 matches found

CVE•added 2005/08/03 4:0 a.m.•77 views

CVE-2005-2428

Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password ch...

5CVSS5.8AI score0.08537EPSS

CVE•added 2005/08/16 4:0 a.m.•39 views

CVE-2004-2310

Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows remote attackers to inject arbitrary web script or HTML via a Domino command in the Quick Console.

4.3CVSS6AI score0.02535EPSS

CVE•added 2005/08/16 4:0 a.m.•38 views

CVE-2004-2311

Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog.

3.6CVSS6.6AI score0.00734EPSS

CVE•added 2005/08/16 4:0 a.m.•38 views

CVE-2004-2369

Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command.

6.4CVSS6.9AI score0.00258EPSS