Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm lotus domino 6.0 vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2007-0977
IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428.
Ibm Lotus Domino 5.0
Ibm Lotus Domino 6.0
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2006-5835
The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino prior to 6.5.5 FP2 and 7.x prior to 7.0.2 does not require authentication to perform user lookups, which allows remote malicious users to obtain the user ID file.
Ibm Lotus Notes 5.0.3
Ibm Lotus Notes 6.0
Ibm Lotus Notes 6.0.1
Ibm Lotus Notes 6.5.2
Ibm Lotus Notes 6.5.3
Ibm Lotus Notes 6.0.2
Ibm Lotus Notes 6.0.3
Ibm Lotus Notes 6.5.4
Ibm Lotus Notes 6.5.5
Ibm Lotus Notes 6.0.4
Ibm Lotus Notes 6.0.5
Ibm Lotus Notes 7.0
Ibm Lotus Notes 7.0.1
Ibm Lotus Notes 5.0.12
Ibm Lotus Notes 6.5
Ibm Lotus Notes 6.5.1
2 Nmap scripts
5
CVSSv2
CVE-2005-2428
Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote malicious users to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTP...
Ibm Lotus Domino 5.0
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5
2 EDB exploits
1 Github repository
5
CVSSv2
CVE-2005-2175
The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote malicious users to conduct web-based attacks and steal cookies.
Ibm Lotus Notes
1 EDB exploit
5
CVSSv2
CVE-2005-1441
Format string vulnerability in Lotus Domino 6.0.x prior to 6.0.5 and 6.5.x prior to 6.5.4 allows remote malicious users to cause a denial of service via the Notes protocol (NRPC).
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5.3
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.0.3
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.2
5
CVSSv2
CVE-2003-0180
Lotus Domino Web Server (nhttp.exe) prior to 6.0.1 allows remote malicious users to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form.
Ibm Lotus Domino Web Server 6.0
5
CVSSv2
CVE-2003-0181
Lotus Domino Web Server (nhttp.exe) prior to 6.0.1 allows remote malicious users to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.
Ibm Lotus Domino Web Server 6.0
4.6
CVSSv2
CVE-2005-1442
Buffer overflow in the Lotus Notes client for Domino 6.5 prior to 6.5.4 and 6.0 prior to 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file.
Ibm Lotus Notes 6.5.1
Ibm Lotus Notes 6.5.2
Ibm Lotus Notes 6.0.2
Ibm Lotus Notes 6.0.3
Ibm Lotus Notes 6.0
Ibm Lotus Notes 6.0.1
Ibm Lotus Notes 6.5.3
Ibm Lotus Notes 6.0.4
Ibm Lotus Notes 6.5
4.3
CVSSv2
CVE-2008-7253
The default configuration of the web server in IBM Lotus Domino Server, possibly 6.0 up to and including 8.0, enables the HTTP TRACE method, which makes it easier for remote malicious users to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a r...
Ibm Lotus Domino Server 6.0
Ibm Lotus Domino Server 8.0
Ibm Lotus Domino Server 7.0
Ibm Lotus Domino Server 6.5
4.3
CVSSv2
CVE-2004-1621
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote malicious users to execute arbitrary web script or HTML via square brackets at the beginning and end of (1)...
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »