Microsoft » Index Server : Security Vulnerabilities, CVEs, Published In 2000
Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %20 to the filename in the CiWebHitsFile argument to the null.htw URL.
Max CVSS
5.0
EPSS Score
96.68%
Published
2000-03-31
Updated
2018-10-12
Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist.
Max CVSS
5.0
EPSS Score
96.38%
Published
2000-01-26
Updated
2018-10-12
The WebHits ISAPI filter in Microsoft Index Server allows remote attackers to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability.
Max CVSS
5.0
EPSS Score
93.00%
Published
2000-01-26
Updated
2018-10-12
3 vulnerabilities found