Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
index server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-0986
SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote malicious users to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fil...
Microsoft Index Server 2.0
1 EDB exploit
NA
CVE-1999-1397
Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.
Microsoft Index Server 2.0
NA
CVE-2001-0244
Buffer overflow in Microsoft Index Server 2.0 allows remote malicious users to execute arbitrary commands via a long search parameter.
Microsoft Index Server 2.0
NA
CVE-2000-0302
Microsoft Index Server allows remote malicious users to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL.
Microsoft Index Server 2.0
1 EDB exploit
NA
CVE-2000-0097
The WebHits ISAPI filter in Microsoft Index Server allows remote malicious users to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability.
Microsoft Index Server 2.0
1 EDB exploit
NA
CVE-2000-0098
Microsoft Index Server allows remote malicious users to determine the real path for a web directory via a request to an Internet Data Query file that does not exist.
Microsoft Index Server 2.0
NA
CVE-2001-0245
Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote malicious users to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability.
Microsoft Indexing Service
Microsoft Index Server 2.0
NA
CVE-2001-0500
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and previous versions allows remote malicious users to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) f...
Microsoft Internet Information Server
Microsoft Indexing Service
Microsoft Index Server 2.0
5 EDB exploits
1 Github repository
NA
CVE-1999-1011
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote malicious users to execute arbitrary commands.
Microsoft Site Server 3.0
Microsoft Data Access Components 2.0
Microsoft Internet Information Server 3.0
Microsoft Index Server 2.0
Microsoft Internet Information Server 4.0
Microsoft Data Access Components 1.5
Microsoft Data Access Components 2.1
2 EDB exploits
1 Article
NA
CVE-2001-0250
The Web Publishing feature in Netscape Enterprise Server 4.x and previous versions allows remote malicious users to list arbitrary directories under the web server root via the INDEX command.
Netscape Enterprise Server 4.0
Netscape Enterprise Server 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »