Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
information disclosure vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-27311
NetApp Blue XP Connector versions before 3.9.25 expose information via a directory listing. A new Connector architecture resolves this issue - obtaining the fix requires redeploying a fresh Connector.
* Information Disclosure Vulnerability In Netapp Bluexp Connector
Netapp Blue Xp Connector
6.5
CVSSv3
CVE-2018-2403
Under certain conditions, SAP Disclosure Management 10.1 allows an malicious user to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been ...
Sap Disclosure Management 10.1
2.6
CVSSv2
CVE-2000-0649
IIS 4.0 allows remote malicious users to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 2.0
Microsoft Internet Information Services 5.0
1 EDB exploit
1 Metasploit module
8 Github repositories
7.8
CVSSv2
CVE-2014-4153
The av-centerd SOAP service in AlienVault OSSIM prior to 4.8.0 allows remote malicious users to read arbitrary files via a crafted get_file request.
Alienvault Open Source Security Information Management
Alienvault Open Source Security Information Management 4.0
Alienvault Open Source Security Information Management 4.3.3
Alienvault Open Source Security Information Management 4.4
Alienvault Open Source Security Information Management 4.5
Alienvault Open Source Security Information Management 4.6
Alienvault Open Source Security Information Management 4.6.1
1 EDB exploit
5
CVSSv2
CVE-2002-0419
Information leaks in IIS 4 up to and including 5.1 allow remote malicious users to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the re...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
5
CVSSv2
CVE-1999-0154
IIS 2.0 and 3.0 allows remote malicious users to read the source code for ASP pages by appending a . (dot) to the end of the URL.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Services 2.0
1 EDB exploit
5
CVSSv2
CVE-2000-0413
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote malicious users to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
Microsoft Frontpage
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2000-0778
IIS 5.0 allows remote malicious users to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
Microsoft Internet Information Services 5.0
2 EDB exploits
5
CVSSv2
CVE-2000-0951
A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote malicious users to list directories in the web root via a Web Distributed Authoring and Versioning (WebDAV) search.
Microsoft Internet Information Services 5.0
1 EDB exploit
5
CVSSv2
CVE-2002-1744
Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote malicious users to view source code and determine the existence of arbitrary files via a hex-encoded "%c0%ae%c0%ae" string, which is the Unicode representation for ".." (dot d...
Microsoft Internet Information Services 5.0
1 EDB exploit
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
type confusion
unspecified
CVE-2025-24200
reflected XSS
panel
CVE-2024-12549
temporal technologies, inc.
CVE-2024-21971
CVE-2024-57777
CVE-2023-31122
CVE-2025-0909
winzip computing
unified secops platform
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »