Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
office system vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32548
OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends a specially crafted data, an arbitrary OS command may be executed on the system where ...
Kingsoft Wps Office 10.8.0.6186
935
VMScore
CVE-2008-3879
The Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 and previous versions in Ultra Shareware Ultra Office Control allows remote malicious users to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in ...
Ultrashareware Ultra Office Control
1 EDB exploit
445
VMScore
CVE-2002-0860
The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote malicious users to read arbitrary files through Internet Explorer via a URL that redirects to the target file.
Microsoft Project 2000
Microsoft Project 2002
Microsoft Office Web Components 2000
Microsoft Office Web Components 2002
NA
CVE-2023-5781
A vulnerability, which was classified as critical, has been found in Tongda OA 2017 11.10. This issue affects the function DELETE_STR of the file general/system/res_manage/monitor/delete_webmail.php. The manipulation leads to sql injection. The attack may be initiated remotely. T...
Tongda2000 Tongda Office Anywhere
NA
CVE-2023-5780
A vulnerability classified as critical was found in Tongda OA 2017 11.10. This vulnerability affects unknown code of the file general/system/approve_center/flow_guide/flow_type/set_print/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack ca...
Tongda2000 Tongda Office Anywhere
NA
CVE-2023-32755
e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command.
Edetw U-office Force 20.0.7668d
NA
CVE-2023-6052
A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. Affected is an unknown function of the file general/system/censor_words/module/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the...
Tongda2000 Tongda Office Anywhere
NA
CVE-2023-6053
A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.9. Affected by this issue is some unknown functionality of the file general/system/censor_words/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The ...
Tongda2000 Tongda Office Anywhere
NA
CVE-2023-5783
A vulnerability has been found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/system/approve_center/flow_sort/flow/delete.php. The manipulation of the argument id/sort_parent leads to sql inj...
Tongda2000 Tongda Office Anywhere
828
VMScore
CVE-2020-1498
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logg...
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft Excel 2010
Microsoft Office 2019
Microsoft 365 Apps -
Microsoft Office 2016
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »