Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft commerce server 2002 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0623
Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 and 2002 allows remote malicious users to execute arbitrary code via long authentication data, aka "New Variant of the ISAPI Filter Buffer Overrun".
Microsoft Commerce Server 2002
Microsoft Commerce Server 2000
NA
CVE-2006-1257
The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote malicious users to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice.
Microsoft Commerce Server 2002
NA
CVE-2012-0158
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2...
Microsoft Office 2010
Microsoft Office 2003
Microsoft Office Web Components 2003
Microsoft Office 2007
Microsoft Sql Server 2000
Microsoft Sql Server 2008
Microsoft Sql Server 2005
Microsoft Biztalk Server 2002
Microsoft Commerce Server 2002
Microsoft Commerce Server 2007
Microsoft Commerce Server 2009
Microsoft Visual Foxpro 8.0
Microsoft Visual Foxpro 9.0
Microsoft Visual Basic 6.0
1 EDB exploit
8 Github repositories
44 Articles
NA
CVE-2002-0622
The Office Web Components (OWC) package installer for Microsoft Commerce Server 2000 allows remote malicious users to execute commands by passing the commands as input to the OWC package installer, aka "OWC Package Command Execution".
Microsoft Commerce Server 2000
NA
CVE-2002-0620
Buffer overflow in the Profile Service of Microsoft Commerce Server 2000 allows remote malicious users to cause the server to fail or run arbitrary code in the LocalSystem security context via an input field using an affected API.
Microsoft Commerce Server 2000
NA
CVE-2002-0621
Buffer overflow in the Office Web Components (OWC) package installer used by Microsoft Commerce Server 2000 allows remote malicious users to cause the process to fail or run arbitrary code in the LocalSystem security context via certain input to the OWC package installer.
Microsoft Commerce Server 2000
NA
CVE-2002-0050
Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote malicious users to execute arbitrary code via long authentication data.
Microsoft Commerce Server 2000
NA
CVE-2002-1769
Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.
Microsoft Site Server 3.0
Microsoft Site Server Commerce 3.0
NA
CVE-2002-2081
cphost.dll in Microsoft Site Server 3.0 allows remote malicious users to cause a denial of service (disk consumption) via an HTTP POST of a file with a long TargetURL parameter, which causes Site Server to abort and leaves the uploaded file in c:\temp.
Microsoft Site Server 3.0
Microsoft Site Server Commerce 3.0
NA
CVE-2002-2073
Cross-site scripting (XSS) vulnerability in the default ASP pages on Microsoft Site Server 3.0 on Windows NT 4.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) ctr parameter in Default.asp and (2) the query string to formslogin.asp.
Microsoft Site Server Commerce 3.0
Microsoft Site Server 3.0
Microsoft Windows Nt 4.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »