6 matches found
CVE-2007-0939
CVE-2007-0939 is an XSS vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2. The issue arises from MCMS not fully validating input in HTML redirect queries, allowing remote attackers to inject script or HTML that runs in a user’s browser. Exploitation requires user i...
CVE-2007-0938
CVE-2007-0938 describes a remote code execution vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2, caused by improper handling of certain characters in crafted HTTP requests. The CMS Memory Corruption vulnerability could allow an attacker to take control of an affe...
CVE-2002-0719
CVE-2002-0719 is a SQL injection vulnerability in Microsoft Content Management Server (MCMS) 2001, affecting the function that services MCMS image/file requests. It allows remote attackers to execute arbitrary commands via crafted resource requests. Exploitation details indicate network-based acc...
CVE-2002-0700
This CVE concerns Microsoft Content Management Server (MCMS) 2001, where a buffer overflow in the Profile Service (an MDAC-related function used during user authentication) can allow an attacker to execute code in the Local System context by authenticating to a vulnerable web page. The issue is c...
CVE-2003-0002
The CVE-2003-0002 entry concerns a Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001, specifically in the ManualLogin.asp script. The issue allows remote attackers to inject and execute arbitrary script through the REASONTXT parameter. The incident is doc...
CVE-2002-0718
CVE-2002-0718 affects Microsoft Content Management Server (MCMS) 2001. The vulnerability lies in the Web authoring function, allowing an attacker to authenticate and upload executable content by modifying the upload location (Program Execution via MCMS Authoring Function). Related data in the con...