Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1744
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote malicious users to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot d...
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2010-2731
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote malicious users to bypass intended access restrictions and execute ASP files via a crafted request, aka "Dire...
1 EDB exploit
NA
CVE-2000-0886
IIS 5.0 allows remote malicious users to execute arbitrary commands via a malformed request for an executable file whose name is appended with operating system commands, aka the "Web Server File Request Parsing" vulnerability.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-1999-0448
IIS 4.0 and Apache log HTTP request methods, regardless of how long they are, allowing a remote malicious user to hide the URL they really request.
Microsoft Internet Information Server 4.0
1 EDB exploit
NA
CVE-2001-0151
IIS 5.0 allows remote malicious users to cause a denial of service via a series of malformed WebDAV requests.
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2000-0246
IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote malicious users to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability.
Microsoft Commercial Internet System 2.5
Microsoft Internet Information Server 4.0
Microsoft Site Server Commerce 3.0
Microsoft Internet Information Services 5.0
Microsoft Proxy Server 2.0
Microsoft Site Server 3.0
Microsoft Commercial Internet System 2.0
1 EDB exploit
NA
CVE-2000-0630
IIS 4.0 and 5.0 allows remote malicious users to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
1 EDB exploit
NA
CVE-2000-0457
ISM.DLL in IIS 4.0 and 5.0 allows remote malicious users to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR&...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-1999-0725
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote malicious user to view the source code of certain files, a.k.a. "Double Byte Code Page".
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
1 EDB exploit
NA
CVE-2005-4734
Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote malicious users to execute arbitrary code via a long url parameter in the Redirect method.
Rsa Authentication Agent For Web 5.2
Rsa Authentication Agent For Web 5.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »