Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information services - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0148
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote malicious users to execute arbitrary script as other users via an HTTP error page.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
7.5
CVSSv2
CVE-2002-0149
Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via long file names.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
7.5
CVSSv2
CVE-2002-0150
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote malicious users to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
7.5
CVSSv2
CVE-2001-0902
Microsoft IIS 5.0 allows remote malicious users to spoof web log entries via an HTTP request that includes hex-encoded newline or form-feed characters.
Microsoft Internet Information Services 5.0
7.5
CVSSv2
CVE-2000-1104
Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. T...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
7.5
CVSSv2
CVE-2000-0970
IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote malicious users to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerab...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
7.5
CVSSv2
CVE-2000-0884
IIS 4.0 and 5.0 allows remote malicious users to read documents outside of the web root, and possibly execute arbitrary commands, via malformed URLs that contain UNICODE encoded characters, aka the "Web Server Folder Traversal" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
9 EDB exploits
2 Github repositories
7.5
CVSSv2
CVE-2000-0886
IIS 5.0 allows remote malicious users to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
7.5
CVSSv2
CVE-2000-0746
Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then...
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
Microsoft Frontpage
7.5
CVSSv2
CVE-2000-0457
ISM.DLL in IIS 4.0 and 5.0 allows remote malicious users to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR&...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »