Backoffice CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-1999-0379	1 Microsoft	1 Backoffice Resource Kit	2025-04-03	N/A
Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting.
CVE-1999-0372	1 Microsoft	3 Backoffice, Windows 2000, Windows Nt	2025-04-03	N/A
The installer for BackOffice Server includes account names and passwords in a setup file (reboot.ini) which is not deleted.
CVE-2002-0736	1 Microsoft	1 Backoffice	2025-04-03	N/A
Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.

Page 1 of 1.