Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
indexing service vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2000-0942
The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote malicious users to conduct a cross site scripting (CSS) attack via a CiRestriction parameter in a .htw request, aka the "Indexing Services Cross Site Scripting" vulnerability.
Microsoft Indexing Service
1 EDB exploit
NA
CVE-2000-1105
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.
Microsoft Indexing Service
1 EDB exploit
NA
CVE-2001-0245
Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote malicious users to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability.
Microsoft Index Server 2.0
Microsoft Indexing Service
NA
CVE-2001-0500
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and previous versions allows remote malicious users to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) f...
Microsoft Internet Information Server
Microsoft Index Server 2.0
Microsoft Indexing Service
5 EDB exploits
1 Github repository
6.5
CVSSv3
CVE-2023-25822
ReportPortal is an AI-powered test automation platform. Prior to version 5.10.0 of the `com.epam.reportportal:service-api` module, corresponding to ReportPortal version 23.2, the ReportPortal database becomes unstable and reporting almost fully stops except for small launches wit...
Reportportal Service-api
Reportportal Reportportal
7.5
CVSSv3
CVE-2018-15448
A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote malicious user to discover sensitive user information. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerabil...
Cisco Registered Envelope Service -
NA
CVE-2006-0032
Cross-site scripting (XSS) vulnerability in the Indexing Service in Microsoft Windows 2000, XP, and Server 2003, when the Encoding option is set to Auto Select, allows remote malicious users to inject arbitrary web script or HTML via a UTF-7 encoded URL, which is injected into an...
Microsoft Windows 2003 Server Datacenter Edition
Microsoft Windows 2003 Server Enterprise Edition Itanium
Microsoft Windows 2003 Server Standard 64-bit
Microsoft Windows 2003 Server Web
Microsoft Windows Xp
Microsoft Windows 2000
Microsoft Windows 2003 Server Datacenter Edition Itanium
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server Sp1
Microsoft Windows 2003 Server Standard
Microsoft Windows 2000 Resource Kit
Microsoft Windows 2003 Server Enterprise Edition
1 EDB exploit
NA
CVE-2000-0097
The WebHits ISAPI filter in Microsoft Index Server allows remote malicious users to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability.
Microsoft Index Server 2.0
1 EDB exploit
NA
CVE-2004-0897
The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote malicious users to execute arbitrary code via a buffer overflow attack.
Microsoft Windows 2003 Server R2
Microsoft Windows Xp
NA
CVE-2011-2004
Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote malicious users to cause a denial of service (reboot) via a crafted TrueType font file, aka "TrueType Font Parsing Vulnerability...
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »