Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm connections vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2016-2956
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 5.0 before CR4 and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-2954 and CVE-2016-3008.
Ibm Connections 5.5.0.0
Ibm Connections 5.0.0.0
NA
CVE-2008-4805
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.x prior to 2.0.1 allow remote malicious users to inject arbitrary web script or HTML via (1) the community title, (2) API input, and vectors related to the (3) Homepage, (4) Blogs, (5) Profiles, (6) Do...
Ibm Lotus Connections
Ibm Lotus Connections 1.0.2
NA
CVE-2008-4808
IBM Lotus Connections 2.x prior to 2.0.1 allows malicious users to discover passwords via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Ibm Lotus Connections
Ibm Lotus Connections 1.0.2
NA
CVE-2008-4806
Multiple SQL injection vulnerabilities in IBM Lotus Connections 2.x prior to 2.0.1 allow remote malicious users to execute arbitrary SQL commands via the sortField parameter to unspecified components. NOTE: the provenance of this information is unknown; the details are obtained s...
Ibm Lotus Connections 1.0.2
Ibm Lotus Connections
NA
CVE-2008-4807
IBM Lotus Connections 2.x prior to 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. NOTE: the provenance of this information is unknown; the details are obtained solely from...
Ibm Lotus Connections 1.0.2
Ibm Lotus Connections
NA
CVE-2010-2278
The bookmarklet pop-up in the Bookmarks component in IBM Lotus Connections 2.5.x prior to 2.5.0.2 does not properly follow the "force SSL" setting, which might make it easier for remote malicious users to obtain the cleartext of network communication by sniffing the net...
Ibm Lotus Connections 2.5.0
Ibm Lotus Connections 2.5.0.1
NA
CVE-2010-2280
Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x prior to 2.5.0.2 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "mobile edit actions," aka SPR ASR...
Ibm Lotus Connections 2.5.0
Ibm Lotus Connections 2.5.0.1
NA
CVE-2010-2277
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.5.x prior to 2.5.0.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) create or (2) edit form in the Communities component, the (3) verbiage field in the Bookmarks compon...
Ibm Lotus Connections 2.5.0.1
Ibm Lotus Connections 2.5.0
NA
CVE-2010-2279
The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x prior to 2.5.0.2, when "forced SSL" is enabled, uses http for links, which has unspecified impact and remote attack vectors.
Ibm Lotus Connections 2.5.0
Ibm Lotus Connections 2.5.0.1
6.5
CVSSv3
CVE-2016-2999
IBM Connections 4.x up to and including 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to obtain sensitive information via an unspecified brute-force attack.
Ibm Connections
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »