Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft sharepoint server 2.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-0081
Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote malicious users to cause a denial of service (W3WP process hang) via a crafted URL, aka "SharePoint Denial...
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Server 2013
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Portal Server 2003
Microsoft Sharepoint Services 3.0
Microsoft Sharepoint Services 2.0
10
CVSSv2
CVE-2013-1330
The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote malicious users to execute arbitrary code by leveraging an unassi...
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Services 2.0
Microsoft Sharepoint Portal Server 2003
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Services 3.0
Microsoft Office Web Apps 2010
4.3
CVSSv2
CVE-2011-1893
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2010, Windows SharePoint Services 2.0 and 3.0 SP2, and SharePoint Foundation 2010 allows remote malicious users to inject arbitrary web script or HTML via the URI, aka "SharePoint XSS Vulnerabilit...
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Services 2.0
Microsoft Sharepoint Services 3.0
Microsoft Sharepoint Foundation 2010
4.3
CVSSv2
CVE-2008-1888
Cross-site scripting (XSS) vulnerability in Microsoft Windows SharePoint Services 2.0 allows remote malicious users to inject arbitrary web script or HTML via the Picture Source (aka picture object source) field in the Rich Text Editor.
Microsoft Sharepoint Server 2.0
1 EDB exploit
9.3
CVSSv2
CVE-2013-1315
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote malicious users to execute arbitrary code or ca...
Microsoft Excel Viewer
Microsoft Excel 2013
Microsoft Office Compatibility Pack
Microsoft Excel 2003
Microsoft Office 2011
Microsoft Sharepoint Foundation 2010
Microsoft Excel 2010
Microsoft Excel 2007
Microsoft Sharepoint Services 3.0
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Services 2.0
Microsoft Sharepoint Portal Server 2003
Microsoft Office Web Apps 2010
9.3
CVSSv2
CVE-2018-8284
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft Project Server 2013
Microsoft Project Server 2010
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Server 2013
1 Github repository
9.3
CVSSv2
CVE-2013-3847
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote malicious users to execute arbitrary code or cause a denial of...
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Services 3.0
Microsoft Sharepoint Services 2.0
Microsoft Sharepoint Portal Server 2003
Microsoft Office Web Apps 2010
Microsoft Word Viewer
Microsoft Office Compatibility Pack
Microsoft Word 2010
Microsoft Word 2007
Microsoft Word 2003
6
CVSSv2
CVE-2003-0904
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. whe...
Microsoft Exchange Server 2003
Microsoft Sharepoint Services 2.0
Microsoft Windows Server 2003
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003 R2
6.8
CVSSv2
CVE-2020-1147
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
Microsoft .net Core 2.1
Microsoft .net Core 3.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft Sharepoint Server 2010
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Enterprise Server 2013
Microsoft Sharepoint Server 2019
Microsoft Visual Studio 2019
Microsoft Visual Studio 2017
1 Article
5
CVSSv2
CVE-2019-1006
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.8
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows Server 2008 -
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Foundation 2013
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1607
Microsoft Windows 10 1709
Microsoft Windows Server 2008 R2
1 Github repository
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started