Vulnerability Database

Published: Dec 31, 1999
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-1999-0154" target="_blank" rel="noopener"> CVE-1999-0154
Severity: Medium
Exploit:

317,019

Total vulnerabilities in the database

IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.

CVSS v2:

No CWE or OWASP classifications available.

Software	From	Fixed in
microsoft / internet_information_server	3.0	3.0.x
microsoft / internet_information_services	2.0	2.0.x

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.