Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-2311Path Traversal in IBM Lotus Domino

4 documents4 sources
Severity
3.6LOWNVD
EPSS
0.7%
top 28.90%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM Lotus Domino
Timeline
PublishedDec 31
Latest updateApr 29

Description

Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog.

CVSS vector

AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages1 packages

NVDibm/lotus_domino6.5.1

🔴Vulnerability Details

2
GHSA
GHSA-fg8w-f3m7-jc89: Directory traversal vulnerability in webadmin2022-04-29
CVEList
CVE-2004-2311: Directory traversal vulnerability in webadmin2005-08-16

💥Exploits & PoCs

1
Exploit-DB
IBM Lotus Domino 6/7 - HTTP webadmin.nsf Directory Traversal2004-03-17
CVE-2004-2311 — Path Traversal in IBM Lotus Domino | cvebase