Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
site server commerce vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2000-0161
Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification number, which allows remote malicious users to execute SQL commands.
Microsoft Site Server 3.0
5
CVSSv2
CVE-1999-0867
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
Microsoft Commercial Internet System 2.0
Microsoft Internet Information Server 4.0
Microsoft Site Server 3.0
Microsoft Commercial Internet System 2.5
1 EDB exploit
7.5
CVSSv2
CVE-2006-1257
The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote malicious users to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice.
Microsoft Commerce Server 2002
4.3
CVSSv2
CVE-2004-1738
Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote malicious users to inject arbitrary web script or HTML via the xPage parameter.
Jshop E-commerce Jshop Server 1.2
10
CVSSv2
CVE-1999-1011
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote malicious users to execute arbitrary commands.
Microsoft Index Server 2.0
Microsoft Internet Information Server 3.0
Microsoft Data Access Components 2.0
Microsoft Data Access Components 2.1
Microsoft Data Access Components 1.5
Microsoft Internet Information Server 4.0
Microsoft Site Server 3.0
2 EDB exploits
1 Article
9.3
CVSSv2
CVE-2012-0158
The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2...
Microsoft Office 2010
Microsoft Office 2003
Microsoft Office Web Components 2003
Microsoft Office 2007
Microsoft Sql Server 2000
Microsoft Sql Server 2008
Microsoft Sql Server 2005
Microsoft Biztalk Server 2002
Microsoft Commerce Server 2002
Microsoft Commerce Server 2007
Microsoft Commerce Server 2009
Microsoft Visual Foxpro 8.0
Microsoft Visual Foxpro 9.0
Microsoft Visual Basic 6.0
1 EDB exploit
7 Github repositories
44 Articles
3.5
CVSSv2
CVE-2021-41188
Shopware is open source e-commerce software. Versions before 5.7.6 contain a cross-site scripting vulnerability. This issue is patched in version 5.7.6. Two workarounds are available. Using the security plugin or adding a particular following config to the `.htaccess` file will p...
Shopware Shopware
2.6
CVSSv2
CVE-2000-0518
Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a connection is made to the server via an image or a frame, aka one of two different "SSL Certificate Validation" vulnerabilities.
Microsoft Internet Explorer 4.0
Microsoft Ie 4.0.1
Microsoft Ie 5.0.1
Microsoft Ie 4.0
Microsoft Ie 5.0
Microsoft Ie 5
5.1
CVSSv2
CVE-2001-0338
Internet Explorer 5.5 and previous versions does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote malicious users to spoof trusted web sites, aka the "Server certificate validation vulnerability.&...
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2