Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
site server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2000-0246
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote malicious users to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
Microsoft Commercial Internet System 2.5
Microsoft Internet Information Server 4.0
Microsoft Site Server Commerce 3.0
Microsoft Internet Information Services 5.0
Microsoft Proxy Server 2.0
Microsoft Site Server 3.0
Microsoft Commercial Internet System 2.0
1 EDB exploit
5
CVSSv2
CVE-1999-0867
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
Microsoft Commercial Internet System 2.0
Microsoft Internet Information Server 4.0
Microsoft Site Server 3.0
Microsoft Commercial Internet System 2.5
1 EDB exploit
10
CVSSv2
CVE-2008-0568
Unspecified vulnerability in the IP-authentication feature in the Secure Site 5.x-1.0 and 4.7.x-1.0 module for Drupal allows remote malicious users to gain the privileges of a user who has authenticated from behind the same proxy server as the attacker.
Drupal Secure Site Module 5.0
Drupal Secure Site Module 4.7
NA
CVE-2024-22212
Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an malicious user to authenticate as another user. It is recommended that the Nextcloud...
Nextcloud Global Site Selector
NA
CVE-2024-23826
spbu_se_site is the website of the Department of System Programming of St. Petersburg State University. prior to 2024.01.29, when uploading an avatar image, an authenticated user may intentionally use a large Unicode filename which would lead to a server-side denial of service un...
Se.math.spbu Spbu Se Site
10
CVSSv2
CVE-1999-1011
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote malicious users to execute arbitrary commands.
Microsoft Index Server 2.0
Microsoft Internet Information Server 3.0
Microsoft Data Access Components 2.0
Microsoft Data Access Components 2.1
Microsoft Data Access Components 1.5
Microsoft Internet Information Server 4.0
Microsoft Site Server 3.0
2 EDB exploits
1 Article
5
CVSSv2
CVE-1999-0007
Information from SSL-encrypted sessions via PKCS #1.
C2net Stonghold Web Server 2.0.1
C2net Stonghold Web Server 2.2
C2net Stonghold Web Server 2.3
Hp Open Market Secure Webserver 2.1
Microsoft Exchange Server 5.5
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
Microsoft Site Server 3.0
Netscape Certificate Server 1.0
Netscape Collabra Server 3.5.2
Netscape Directory Server 1.3
Netscape Directory Server 3.1
Netscape Directory Server 3.12
Netscape Enterprise Server 2.0
Netscape Enterprise Server 3.0.1b
Netscape Enterprise Server 3.5.1
Netscape Fasttrack Server 3.01b
Netscape Messaging Server 3.54
Netscape Proxy Server 3.5.1
Ssleay Ssleay 0.6.6
Ssleay Ssleay 0.8.1
Ssleay Ssleay 0.9
5.5
CVSSv2
CVE-2008-4014
Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Oracle Application Server 1.0
Oracle Application Server 7.0.4.4
Oracle Application Server 10.1.4.0
Oracle Application Server 9.0.2.0.1
Oracle Application Server 1.0.2.2
Oracle Application Server 9.2.0.7
Oracle Application Server 10.1.2.1
Oracle Application Server 10.1.3
Oracle Application Server 10.1.3.1.0
Oracle Application Server 9.0.4
Oracle Application Server 10.2.0.0
Oracle Application Server 1.0.2.0
Oracle Application Server 3.0.7
Oracle Application Server 9.0.4.3
Oracle Application Server 10.1.2
Oracle Application Server 10.1.2.0
Oracle Application Server 10.1.2.3
Oracle Application Server 6.0.8.26 Ps17
Oracle Application Server 9.0.2.0.0
Oracle Application Server 4.0.8.2
Oracle Application Server 11i
Oracle Application Server 10.1.3.0
3.5
CVSSv2
CVE-2015-3443
Cross-site scripting (XSS) vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x, 8.7.x, and 8.8.x prior to 8.8.000005 allows remote authenticated users to inject arbitrary web script or HTML via a password entry, which is not properly handled when toggling the pas...
Thycotic Secret Server 8.8.000000
Thycotic Secret Server 8.8.000001
Thycotic Secret Server 8.6.000000
Thycotic Secret Server 8.6.000009
Thycotic Secret Server 8.8.000004
Thycotic Secret Server 8.6.000010
Thycotic Secret Server 8.7.000000
1 EDB exploit
4.3
CVSSv2
CVE-2008-2751
Multiple cross-site scripting (XSS) vulnerabilities in the Glassfish webadmin interface in Sun Java System Application Server 9.1_01 allow remote malicious users to inject arbitrary web script or HTML via the (1) propertyForm:propertyContentPage:propertySheet:propertSectionTextFi...
Sun Java System Application Server 9.1 01
Oracle Glassfish Server 1.0
Oracle Glassfish Server 2.1.1
Oracle Glassfish Server 3.0.1
Oracle Glassfish Server 2.1
Oracle Glassfish Server 2.0
Oracle Glassfish Server 3.0
7 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »