Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-3140
IBM Web Application Firewall, as used on the G400 IPS-G400-IB-1 and GX4004 IPS-GX4004-IB-2 appliances with update 31.030, does not properly handle query strings with multiple instances of the same parameter, which allows remote malicious users to bypass intended intrusion prevent...
Ibm Web Application Firewall -
Ibm G400 Ips-g400-ib-1 Appliance 31.030
Ibm Gx4004 Ips-gx4004-ib-2 Appliance 31.030
NA
CVE-2011-1068
Microsoft Windows Azure Software Development Kit (SDK) 1.3.x prior to 1.3.20121.1237, when Full IIS and a Web Role are used with an ASP.NET application, does not properly support the use of cookies for maintaining state, which allows remote malicious users to obtain potentially s...
Microsoft Windows Azure Sdk 1.3
NA
CVE-2010-3972
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote malicious users to execute arbitrary code or cause a denial of service (daemon c...
Microsoft Internet Information Services 7.5
1 EDB exploit
1 Github repository
NA
CVE-2010-0112
Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager prior to 8.4.16 allow remote malicious users to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition fu...
Symantec Im Manager 8.4.7
Symantec Im Manager 8.4.8
Symantec Im Manager 6.0
Symantec Im Manager 6.5
Symantec Im Manager 8.3
Symantec Im Manager 8.4.9
Symantec Im Manager 8.4.10
Symantec Im Manager 7.0
Symantec Im Manager 7.5
Symantec Im Manager 8.4.0
Symantec Im Manager 8.4.1
Symantec Im Manager 8.4.2
Symantec Im Manager 8.4.11
Symantec Im Manager 8.4.12
Symantec Im Manager 8.4.5
Symantec Im Manager 8.4.6
Symantec Im Manager 8.4.13
Symantec Im Manager
NA
CVE-2010-3229
The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handshakes, which allows remote malicious users ...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows 7
Microsoft Windows Vista
NA
CVE-2010-3332
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote malicious users to decrypt and modify encrypted Vie...
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
3 EDB exploits
1 Github repository
NA
CVE-2010-2730
Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote malicious users to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
Microsoft Internet Information Services 7.5
1 Github repository
NA
CVE-2010-2731
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote malicious users to bypass intended access restrictions and execute ASP files via a crafted request, aka "Dire...
1 EDB exploit
NA
CVE-2010-1899
Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote malicious users to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka "IIS Repeated Parameter...
Microsoft Internet Information Server 6.0
Microsoft Internet Information Services 7.5
1 EDB exploit
1 Github repository
NA
CVE-2010-1886
Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2, and Windows 7 allow local users to gain privileges by leveraging access to a process with NetworkService credentials, as demonstrated by TAPI Server, SQL Server, ...
Microsoft Windows Xp -
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 2003 Server -
Microsoft Windows 7 -
Microsoft Windows Xp
Microsoft Windows Vista
Microsoft Windows 2003 Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »