Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft outlook web access vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2018-16793
Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in /owa/auth/logon.aspx in the OWA (Outlook Web Access) login page.
Microsoft Exchange Server 2010
NA
CVE-2015-2543
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 allows remote malicious users to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerability."
Microsoft Exchange Server 2013
6.1
CVSSv3
CVE-2016-0029
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-...
Microsoft Exchange Server 2016
6.1
CVSSv3
CVE-2016-0031
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2016 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability," a different vulnerability than CVE-2016-...
Microsoft Exchange Server 2016
NA
CVE-2015-2505
Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote malicious users to obtain sensitive stacktrace information via a crafted request, aka "Exchange Information Disclosure Vulnerability."
Microsoft Exchange Server 2013
NA
CVE-2015-2544
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote malicious users to inject arbitrary web script or HTML via a crafted e-mail message, aka "Exchange Spoofing Vulnerability.&q...
Microsoft Exchange Server 2013
NA
CVE-2001-0666
Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox.
Microsoft Exchange Server 2000
NA
CVE-2003-0116
Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote malicious users to read files on the local system via a web page containing script that creates a dialog and then accesses the ta...
Microsoft Ie 6.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 6.0
NA
CVE-2001-0726
Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote malicious users to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.
Microsoft Exchange Server 5.5
NA
CVE-2002-0189
Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote malicious users to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.0
Microsoft Internet Explorer 6.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »