37 matches found

Circl
added 2026/06/16 5:0 a.m. | 9 views

CVE-2026-11317

creationtimestamp | type | source
---|---|---
2026-06-16 05:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-167-03
2026-06-16 16:01:43+00:00 | seen | https://bsky.app/profile/boredchilada.bsky.social/post/3mog6bmgo4o2o
2026-06-16 17:48:09+00:00 | seen | ...

CVSS: 8.7 | AI score: 4.9 | EPSS: 0.00302
Exploits: 0 | References: 4

RedhatCVE
added 2026/01/09 10:18 a.m. | 19 views

CVE-2019-18935

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Exploitation can result in remote...

CVSS: 9.8 | AI score: 9.9 | EPSS: 0.99737
Exploits: 20 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2021-15918

Malware in sbrugna...

CVSS: 9.8 | AI score: 9.2 | EPSS: 0.01942
Exploits: 1 | References: 6

NVD
added 2025/10/06 3:15 a.m. | 3 views

CVE-2025-11317

A vulnerability was identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findRolePage of the file findSingConfigPage.do. The manipulation of the argument sort leads to SQL injection. The attack can be carried out remotely. The explo...

CVSS: 9.8 | EPSS: 0.00452
Exploits: 1 | References: 4

OSV
added 2025/10/06 3:15 a.m. | 4 views

CVE-2025-11317

A vulnerability was identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findRolePage of the file findSingConfigPage.do. The manipulation of the argument sort leads to SQL injection. The attack can be carried out remotely. The explo...

CVSS: 9.8 | AI score: 5.7 | EPSS: 0.00452
Exploits: 1 | References: 4

RedhatCVE
added 2025/05/22 6:29 p.m. | 17 views

CVE-2021-29281

File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317...

CVSS: 9.8 | AI score: 7 | EPSS: 0.83476
Exploits: 10 | References: 1

Exploit DB
added 2025/04/11 12:0 a.m. | 136 views

ABB Cylon Aspect 3.08.02 - PHP Session Fixation

Exploit title: ABB Cylon Aspect 3.08.02 PHP Session Fixation Vulnerability
Advisory ID: ZSL-2025-5916
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5916.php
CVE ID: CVE-2024-11317
CVE URL: https://www.cve.org/CVERecord?id=CVE-2024-11317
Vendor: ABB Ltd.
Product web page:...

CVSS: 10 | AI score: 8.9 | EPSS: 0.00427
Exploits: 4

Cvelist
added 2024/12/05 12:36 p.m. | 23 views

CVE-2024-11317 PHP Session Fixation

Session Fixation vulnerabilities allow an attacker to fix a user's session identifier before login, providing an opportunity for session takeover on a product. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

CVSS: 10 | EPSS: 0.00427
Exploits: 4 | References: 1

NVD
added 2022/07/07 9:15 p.m. | 31 views

CVE-2021-29281

File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317...

CVSS: 9.8 | EPSS: 0.01942
Exploits: 1 | References: 5

Prion
added 2022/07/07 9:15 p.m. | 41 views

Unrestricted file upload

File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317...

CVSS: 7.5 | AI score: 9.3 | EPSS: 0.83476
Exploits: 10 | References: 5 | Affected Software: 1

CVE
added 2022/07/07 7:38 p.m. | 154 views

CVE-2021-29281

CVE-2021-29281 is a file-upload vulnerability in GFI Mail Archiver prior to or up to v15.1 caused by insecure use of the Telerik Web UI plugin, tying to CVE-2014-2217 and CVE-2017-11317. The vulnerability enables arbitrary file uploads/execution via the Telerik UI for ASP.NET AJAX file upload iss...

CVSS: 9.8 | AI score: 9.4 | EPSS: 0.01942
Exploits: 1 | References: 5 | Affected Software: 1

Prion
added 2021/12/22 6:15 a.m. | 42 views

Deserialization of untrusted data

An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption keys are known due...

CVSS: 7.5 | AI score: 9.6 | EPSS: 0.83476
Exploits: 9 | References: 1 | Affected Software: 1

CVE
added 2021/12/22 5:8 a.m. | 248 views

CVE-2021-44029

CVE-2021-44029 affects Quest KACE Desktop Authority prior to 11.2. The issue allows remote code execution via deserialization in the RadAsyncUpload function of ASP.NET AJAX; exploitation is possible when encryption keys are known (related to CVE-2017-11317/11357 or other means). In newer ASP.NET ...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.00868
In wild | Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/12/20 10:45 p.m. | 12 views

CVE-2020-11317

...

Exploits: 0

CVE
added 2021/12/20 10:45 p.m. | 29 views

CVE-2020-11317

CVE-2020-11317 is rejected/not used as stated in the Initial Description.

AI score: 6.7
Exploits: 0

Hacker One
added 2021/04/25 9:38 a.m. | 93 views

U.S. Dept Of Defense: Remote Code Execution via Insecure Deserialization in Telerik UI (CVE-2019-18935)

Description: https://██████/██████████/Telerik.Web.UI.WebResource.axd?type=rau is vulnerable to CVE-2017-11317 and CVE-2019-18935, allowing an attacker to upload arbitrary files and gain remote code execution on the underlying system. References...

CVSS: 7.5 | AI score: 0.2 | EPSS: 0.99737
Exploits: 19

CVE
added 2021/01/25 5:19 p.m. | 24 views

CVE-2019-11317

This CVE entry is rejected/not used and does not represent an active vulnerability entry.

AI score: 7.4
Exploits: 0

Cvelist
added 2021/01/25 5:19 p.m. | 11 views

CVE-2019-11317

...

Exploits: 0

0day.today
added 2020/10/21 12:0 a.m. | 760 views

Telerik UI ASP.NET AJAX RadAsyncUpload Deserialization Exploit

This Metasploit module exploits the .NET deserialization vulnerability within the RadAsyncUpload RAU component of Telerik UI ASP.NET AJAX that is identified as CVE-2019-18935. In order to do so the module must upload a mixed mode .NET assembly DLL which is then loaded through the deserialization...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.99737
Exploits: 19

Circl
added 2020/10/20 3:57 p.m. | 23 views

CVE-2017-11317

creationtimestamp | type | source
---|---|---
2020-10-20 15:57:21+00:00 | seen | MISP/42d04e94-bf5b-427d-acc8-f5d740675941
2020-10-20 15:58:04+00:00 | seen | MISP/d925a2ee-e7cf-46f6-bec1-ad8e19122730
2020-10-20 18:32:21+00:00 | seen | ...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.83476
Exploits: 8 | References: 9