1.0.0.0

DATE	CVE	VULNERABILITY TITLE	RISK
2013-04-23	CVE-2013-0503	Cross-Site Scripting vulnerability in IBM Lotus Connections Cross-site scripting (XSS) vulnerability in the Bookmarks component in IBM Lotus Connections before 4.0 CR3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network ibm CWE-79	4.3
2008-10-31	CVE-2008-4808	Information Exposure vulnerability in IBM Lotus Connections IBM Lotus Connections 2.x before 2.0.1 allows attackers to discover passwords via unspecified vectors. network low complexity ibm CWE-200	5.0
2008-10-31	CVE-2008-4807	Credentials Management vulnerability in IBM Lotus Connections IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the trace.log file, which allows local users to obtain sensitive information by reading this file. local low complexity ibm CWE-255	2.1
2008-10-31	CVE-2008-4806	SQL Injection vulnerability in IBM Lotus Connections Multiple SQL injection vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to execute arbitrary SQL commands via the sortField parameter to unspecified components. network low complexity ibm CWE-89	7.5
2008-10-31	CVE-2008-4805	Cross-Site Scripting vulnerability in IBM Lotus Connections Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the community title, (2) API input, and vectors related to the (3) Homepage, (4) Blogs, (5) Profiles, (6) Dogear, (7) Activities, and (8) Global Search components. network ibm CWE-79	4.3