Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft site server 3.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2002-0057
XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote malicious users to read arbitrary files by specifying a local file as an XML Data Source.
Microsoft Sql Server 2000
Microsoft Xml Core Services 2.6
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 4.0
Microsoft Internet Explorer 6.0
Microsoft Windows Xp
445
VMScore
CVE-1999-1451
The Winmsdp.exe sample file in IIS 4.0 and Site Server 3.0 allows remote malicious users to read arbitrary files.
Microsoft Site Server 3.0
Microsoft Internet Information Server 4.0
445
VMScore
CVE-2000-0025
IIS 4.0 and Site Server 3.0 allow remote malicious users to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
Microsoft Site Server 3.0
Microsoft Internet Information Server 4.0
Microsoft Site Server Commerce 3.0
445
VMScore
CVE-1999-0910
Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.
Microsoft Site Server 3.0
Microsoft Commercial Internet System 2.0
Microsoft Site Server Commerce 3.0
Microsoft Commercial Internet System 2.5
435
VMScore
CVE-2013-3179
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote malicious users to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
Microsoft Sharepoint Services 3.0
Microsoft Sharepoint Foundation 2010
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Server 2010
1 EDB exploit
435
VMScore
CVE-2010-3324
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows remote malicious users to bypass ...
Microsoft Sharepoint Services 3.0
Microsoft Groove Server 2010
Microsoft Internet Explorer 8
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Foundation 2010
Microsoft Web Apps
1 EDB exploit
435
VMScore
CVE-2010-0817
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote malicious users to inject arbitrary web script or HTML via the cid0 parameter.
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Services 3.0
1 EDB exploit
435
VMScore
CVE-2007-2581
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 and Office SharePoint Server 2007 allow remote malicious users to inject arbitrary web script or HTML via the PATH_INFO (query string) in "every main page...
Microsoft Sharepoint Services 3.0
Microsoft Windows 2003
Microsoft Sharepoint Server 2007
1 EDB exploit
435
VMScore
CVE-2002-2073
Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.
Microsoft Site Server 3.0
Microsoft Site Server Commerce 3.0
Microsoft Windows Nt 4.0
1 EDB exploit
435
VMScore
CVE-2000-1105
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.
Microsoft Indexing Service
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »