CVSS: 6.8EPSS: 3%CPEs: 2EXPL: 0CVE-2003-0223
https://notcve.org/view.php?id=CVE-2003-0223
Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message. Vulnerabilidad de secuencias de comandos en sitios cruzados en la función ASP responsable de la redirección en el Microsoft Internet Information Server (IIS) 4.0, 5.0, y 5.1 permite que atacantes remotos embeban una URL que contiene script en un mensaje de redirección. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A66 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1745
https://notcve.org/view.php?id=CVE-2002-1745
Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to view the source code for files with extensions containing with one additional character after .html, .htm, .asp, or .inc, such as .aspx files. • http://online.securityfocus.com/archive/1/268303 http://www.securityfocus.com/bid/4543 https://exchange.xforce.ibmcloud.com/vulnerabilities/8853 • CWE-193: Off-by-one Error •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2002-1694
https://notcve.org/view.php?id=CVE-2002-1694
Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while IIS is running. • http://online.securityfocus.com/archive/1/250591 http://www.securityfocus.com/bid/3888 https://exchange.xforce.ibmcloud.com/vulnerabilities/7919 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1717
https://notcve.org/view.php?id=CVE-2002-1717
Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf. • http://online.securityfocus.com/archive/1/255555 http://online.securityfocus.com/archive/1/256125 http://www.securityfocus.com/bid/4078 https://exchange.xforce.ibmcloud.com/vulnerabilities/8174 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2002-1695
https://notcve.org/view.php?id=CVE-2002-1695
Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running. • http://online.securityfocus.com/archive/1/250591 http://www.securityfocus.com/bid/3888 https://exchange.xforce.ibmcloud.com/vulnerabilities/7919 •