Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
NA
CVE_2021_1675
PoC test case Windows Vulnerabilities PrintNightmare CVE-2021-34527/CVE-2021-1675 https://andrewroderos.com/exploiting-printnightmare/ https://pencer.io/hacking/hack-printnightmare/ https://www.infosecmatter.com/metasploit-module-library/?mm=exploit/windows/dcerpc/cve_2021_1675...
1 Github repository
5.3
CVSSv3
CVE-2023-6352
The default configuration of Aquaforest TIFF Server allows access to arbitrary file paths, subject to any restrictions imposed by Internet Information Services (IIS) or Microsoft Windows. Depending on how a web application uses and configures TIFF Server, a remote attacker may be...
Aquaforest Tiff Server 4.2.210913
9.8
CVSSv3
CVE-2023-36434
Windows IIS Server Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 21h2
Microsoft Windows 10 1809
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 1507
Microsoft Windows 10 22h2
Microsoft Windows 10 1607
1 Github repository
1 Article
6.1
CVSSv3
CVE-2023-24814
TYPO3 is a free and open source Content Management Framework released under the GNU General Public License. In affected versions the TYPO3 core component `GeneralUtility::getIndpEnv()` uses the unfiltered server environment variable `PATH_INFO`, which allows malicious users to in...
Typo3 Typo3
8.8
CVSSv3
CVE-2022-42136
Authenticated mail users, under specific circumstances, could add files with unsanitized content in public folders where the IIS user had permission to access. That action, could lead an malicious user to store arbitrary code on that files and execute RCE commands.
Mailenable Mailenable
6.1
CVSSv3
CVE-2022-36664
Password Manager for IIS 2.0 has a cross-site scripting (XSS) vulnerability via the /isapi/PasswordManager.dll ResultURL parameter.
Adiscon Password Manager For Iis 2.0
7.4
CVSSv3
CVE-2022-30209
Windows IIS Server Elevation of Privilege Vulnerability
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2008 -
Microsoft Windows 8.1 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 20h2
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
Microsoft Windows Server 2022 -
Microsoft Windows 11 -
Microsoft Windows 10 21h2
7.5
CVSSv3
CVE-2021-27474
Rockwell Automation FactoryTalk AssetCentre v10.00 and previous versions does not properly restrict all functions relating to IIS remoting services. This vulnerability may allow a remote, unauthenticated malicious user to modify sensitive data in FactoryTalk AssetCentre.
Rockwellautomation Factorytalk Assetcentre
6.8
CVSSv3
CVE-2021-24490
The Email Artillery (MASS EMAIL) WordPress plugin up to and including 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploite...
Email Artillery Project Email Artillery
8.8
CVSSv3
CVE-2021-34527
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install p...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019
Microsoft Windows Server 20h2
Microsoft Windows 10 1809
Microsoft Windows 10 20h2
Microsoft Windows 10 1507
Microsoft Windows 10 1607
Microsoft Windows Server 2016
Microsoft Windows Server 2022
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 22h2
106 Github repositories
6 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »