Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2017-7269
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote malicious users to execute arbitrary code via a long header beginning with "If: <http://" in a PROP...
Microsoft Internet Information Server 6.0
2 EDB exploits
21 Github repositories
2 Articles
10
CVSSv2
CVE-2013-7442
GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of (1) CANal1 for the Administrator user and (2) iis for the IIS user, which has unspecified impact and attack vectors related to TimbuktuPro. NOTE: it is not clear whether this password is default, hardcoded,...
Gehealthcare Centricity Pacs Workstation 4.0
Gehealthcare Centricity Pacs Workstation 4.0.1
10
CVSSv2
CVE-2010-3972
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote malicious users to execute arbitrary code or cause a denial of service (daemon c...
Microsoft Internet Information Services 7.5
1 EDB exploit
1 Github repository
10
CVSSv2
CVE-2009-1012
Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote malicious users to affect confidentiality, integrity, a...
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 9.2
Oracle Bea Product Suite 10.3
Oracle Bea Product Suite 8.1
Oracle Bea Product Suite 7.0
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 9.0
10
CVSSv2
CVE-2008-5457
Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote malicious users to affect confidentiality, integrity, and availability via ...
Oracle Bea Product Suite 10.3
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 9.2
Oracle Bea Product Suite 8.1
Oracle Bea Product Suite 7.0
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 9.0
2 EDB exploits
10
CVSSv2
CVE-2008-4301
A certain ActiveX control in iisext.dll in Microsoft Internet Information Services (IIS) allows remote malicious users to set a password via a string argument to the SetPassword method. NOTE: this issue could not be reproduced by a reliable third party. In addition, the original ...
Microsoft Internet Information Services -
10
CVSSv2
CVE-2008-0075
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 up to and including 6.0 allows remote malicious users to execute arbitrary code via crafted inputs to ASP pages.
Microsoft Internet Information Server 6.0
10
CVSSv2
CVE-2007-2815
The "hit-highlighting" functionality in webhits.dll in Microsoft Internet Information Services (IIS) Web Server 5.0 only uses Windows NT ACL configuration, which allows remote malicious users to bypass NTLM and basic authentication mechanisms and access private web dire...
Microsoft Internet Information Services 5.0
1 EDB exploit
10
CVSSv2
CVE-2004-0897
The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote malicious users to execute arbitrary code via a buffer overflow attack.
Microsoft Windows 2003 Server R2
Microsoft Windows Xp
10
CVSSv2
CVE-2004-1134
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a long query string.
Microsoft W3who.dll
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »