241 matches found
CVE-2015-1640
Cross-site scripting XSS vulnerability in Microsoft Project Server 2010 SP2 and 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."...
Cross site scripting
Cross-site scripting XSS vulnerability in Microsoft Project Server 2010 SP2 and 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."...
CVE-2015-1640
CVE-2015-1640 describes a cross-site scripting (XSS) vulnerability impacting Microsoft Project Server 2010 SP2 and 2013 SP1, attributed to insufficient input filtering in SharePoint/Project Server components. The core issue is improper sanitization of crafted requests that allows an attacker to i...
CVE-2015-1640
Cross-site scripting XSS vulnerability in Microsoft Project Server 2010 SP2 and 2013 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "Microsoft SharePoint XSS Vulnerability."...
Security Update for Microsoft Project Server 2013 (KB2965278)
A security vulnerability exists in Microsoft Project Server 2013 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...
Security Update for Microsoft Project Server 2013 (KB2965278) farm-deployment
A security vulnerability exists in Microsoft Project Server 2013 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...
Microsoft SharePoint CVE-2015-1640 Cross Site Scripting Vulnerability
Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...
Microsoft Office Web Component Memory Access Violation Denial of Service Vulnera
Microsoft Office Web组件一款基与Web的数据透视表控件。 Microsoft Office Web包含的ActiveX控件存在设计错误,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 构建恶意的EWB页,诱使用户访问,可导致对应用程序进行拒绝服务攻击。 Microsoft Office Web Components 2003 0 + Microsoft BizTalk Server 2002 Developer Edition + Microsoft BizTalk Server 2002 Enterprise Edition + Microsoft Commer...
Microsoft Project Server 2003 PDSRequest.ASP XML请求信息泄露漏洞
Microsoft Project server 2003实现部分瘦客户端功能,瘦客户端使用XML请求对HTTPS服务进行对话。 这些请求其中一个返回用于访问SQL数据库的MSProjectUser帐户的用户名和密码信息: -------------------------------------------------------------- POST http://SERVER/projectserver/logon/pdsrequest.asp HTTP/1.0 Accept: / Accept-Language: en-nz Pragma: no-cache Host:...
CVE-2006-6617
projectserver/logon/pdsrequest.asp in Microsoft Project Server 2003 allows remote authenticated users to obtain the MSProjectUser password for a SQL database via a GetInitializationData request, which includes the information in the UserName and Password tags of the response...
CVE-2006-6617
CVE-2006-6617 affects Microsoft Project Server 2003. The vulnerability lies in projectserver/logon/pdsrequest.asp where a GetInitializationData response can expose the UserName and Password fields, allowing remote authenticated users to obtain the MSProjectUser password for the SQL database. The ...
Project Server 2003 - Credential Disclosure
============================================================== Project Server 2003 - Credential Disclosure [email protected] ============================================================== Microsoft Project server 2003 implements a thick client for some of the functionality. The...
Microsoft Project Server 2003 information leak
Username and password for Microsoft SQL Server account is sent by client request...
Update for Microsoft Project Server 2010 (KB2881024)
Update for Microsoft Project Server 2010 KB2881024...
Update for Microsoft Project Server 2013 (KB2752074)
Update for Microsoft Project Server 2013 KB2752074...
Update for Microsoft Project Server 2013 (KB2880996) farm-deployment
Update for Microsoft Project Server 2013 KB2880996 farm-deployment...
Update for Microsoft Project Server 2010 (KB2553430)
Update for Microsoft Project Server 2010 KB2553430...
Update for Microsoft Project Server 2010 (KB2881024) farm-deployment
Update for Microsoft Project Server 2010 KB2881024 farm-deployment...
Update for Microsoft Project Server 2013 (KB2827221)
Update for Microsoft Project Server 2013 KB2827221...
Security update 1970-01-01
...