CVE-2015-1640
- EPSS 8.96%
- Published 14.04.2015 20:59:04
- Last modified 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in Microsoft Project Server 2010 SP2 and 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."
- EPSS 13.96%
- Published 14.05.2014 11:13:04
- Last modified 12.04.2025 10:46:40
Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 SP1 and SP2 and 2013 Gold and SP1; Web Applications ...
CVE-2009-0102
- EPSS 47.22%
- Published 09.12.2009 18:30:00
- Last modified 09.04.2025 00:30:58
Microsoft Project 2000 SR1 and 2002 SP1, and Office Project 2003 SP3, does not properly handle memory allocation for Project files, which allows remote attackers to execute arbitrary code via a malformed file, aka "Project Memory Validation Vulnerabi...
CVE-2006-6617
- EPSS 31.72%
- Published 18.12.2006 11:28:00
- Last modified 09.04.2025 00:30:58
projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 allows remote authenticated users to obtain the MSProjectUser password for a SQL database via a GetInitializationData request, which includes the information in the UserName and Pass...