Every CVE whose affected-product data names Ibm Lotus Connections, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2008-4809 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in the Profiles search pages in IBM Lotus Connections 2.x before 2.0.1 have unknown impact and attack…
CVE-2010-2279 — CVSS 7.6 (high): The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0.2, when "forced SSL" is enabled, uses…
CVE-2008-4806 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands…
CVE-2011-1032 — CVSS 6.8 (medium): IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login…
CVE-2008-4808 — CVSS 5.0 (medium): IBM Lotus Connections 2.x before 2.0.1 allows attackers to discover passwords via unspecified vectors. NOTE: the provenance of this…
CVE-2013-0503 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Bookmarks component in IBM Lotus Connections before 4.0 CR3 allows remote attackers to…
CVE-2009-3469 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in profiles/html/simpleSearch.do in IBM Lotus Connections 2.0.1 allows remote attackers to inject…
CVE-2009-3816 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Activities pages in the Mobile subsystem in IBM Lotus Connections 2.5.0.0 allow…
CVE-2010-2277 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 allow remote attackers to inject…
CVE-2011-1030 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Wikis component in IBM Lotus Connections 3.0 allows remote attackers to inject arbitrary…
CVE-2008-4805 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to inject arbitrary…
CVE-2010-2280 — CVSS 4.3 (medium): Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 allows remote attackers to redirect users…
CVE-2010-2278 — CVSS 4.0 (medium): The bookmarklet pop-up in the Bookmarks component in IBM Lotus Connections 2.5.x before 2.5.0.2 does not properly follow the "force SSL"…
CVE-2008-4807 — CVSS 2.1 (low): IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to…