Product Microsoft Iis

Affected Versions (19): 1.0, 2.0, 2.5, 3.0, 4.0, 5.0, 5.06, 5.1, 6, 6.0, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 8.0, 8.5, 10

Link to Product Website: https://www.microsoft.com/

Software Type: Web Server

PublishedBaseTempVulnerability0dayTodayExpRemCTICVE
03/10/20207.47.1Microsoft IIS input validation$25k-$100k$5k-$25kNot DefinedOfficial Fix0.09CVE-2020-0645
06/11/20196.86.5Microsoft IIS Request Filter data processing$5k-$25k$0-$5kNot DefinedOfficial Fix0.06CVE-2019-0941
03/27/20178.58.2Microsoft IIS WebDAV ScStoragePathFromUrl Immortal/ExploidingCan memory corruption$25k-$100k$0-$5kHighOfficial Fix0.00CVE-2017-7269
03/14/20175.24.7Microsoft IIS cross site scripting$5k-$25k$0-$5kProof-of-ConceptOfficial Fix1.03CVE-2017-0055
05/10/20167.87.5Microsoft IIS DLL Loader access control$25k-$100k$0-$5kNot DefinedOfficial Fix0.06CVE-2016-0152
11/28/20144.34.1Microsoft IIS Error Message mypage cross site scriting$5k-$25k$0-$5kHighWorkaround0.05
11/11/20146.55.7Microsoft IIS IP/Domain Restriction access control$25k-$100k$0-$5kUnprovenOfficial Fix0.56CVE-2014-4078
04/23/20146.56.5Microsoft IIS input validation$25k-$100k$5k-$25kNot DefinedNot Defined0.05CVE-2011-5279
11/13/20125.34.8Microsoft IIS FTP Command information disclosure$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.09CVE-2012-2532
11/13/20125.34.8Microsoft IIS Log File Permission information disclosure$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.05CVE-2012-2531
06/30/20126.55.9Microsoft IIS File Name Tilde privileges management$25k-$100k$0-$5kProof-of-ConceptOfficial Fix0.05CVE-2005-4360
12/22/20107.57.2Microsoft IIS FTP Server memory corruption$25k-$100k$0-$5kHighOfficial Fix0.05CVE-2010-3972
09/15/20107.37.0Microsoft IIS Access Restriction improper authentication$5k-$25k$0-$5kHighOfficial Fix0.00CVE-2010-2731
09/14/20105.95.7Microsoft IIS memory corruption$25k-$100k$0-$5kHighOfficial Fix0.06CVE-2010-1899
09/14/20107.37.0Microsoft IIS FastCGI memory corruption$25k-$100k$0-$5kNot DefinedOfficial Fix0.09CVE-2010-2730
06/08/20109.99.9Microsoft IIS code injection$25k-$100k$5k-$25kNot DefinedNot Defined0.14CVE-2010-1256
02/05/20104.34.3Microsoft IIS cross site scripting$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2003-1582
12/29/20096.36.0Microsoft IIS asp:.jpg input validation$25k-$100k$0-$5kNot DefinedOfficial Fix0.06CVE-2009-4445
12/24/20095.45.1Microsoft IIS ASP input validation$25k-$100k$5k-$25kProof-of-ConceptNot Defined0.05CVE-2009-4444
09/04/20097.57.2Microsoft IIS FTP Server resource management$5k-$25k$0-$5kHighOfficial Fix0.00CVE-2009-2521
06/10/20098.17.7Microsoft IIS improper authentication$25k-$100k$0-$5kHighOfficial Fix0.06CVE-2009-1122
06/10/20098.17.7Microsoft IIS Password Protection improper authentication$25k-$100k$0-$5kHighOfficial Fix0.06CVE-2009-1535
09/29/20089.89.8Microsoft iis ActiveX Control iisext.dll credentials management$25k-$100k$5k-$25kNot DefinedNot Defined0.06CVE-2008-4301
09/29/20085.35.3Microsoft iis ActiveX Control adsiis.dll input validation$5k-$25k$5k-$25kNot DefinedNot Defined0.03CVE-2008-4300
02/12/200810.09.0Microsoft IIS code injection$25k-$100k$5k-$25kProof-of-ConceptOfficial Fix0.05CVE-2008-0075

167 more entries are not shown

more entries by Microsoft

Do you need the next level of professionalism?

Upgrade your account now!