278 matches found
Progress Sitefinity 9.1 XSS / Session Management / Open Redirect
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Progress Sitefinity vulnerable version: 9.1 fixed version: 10.1 CVE number: - impact: High homepage: http://www.sitefinity.com |...
Progress Sitefinity 9.1 XSS Vulnerability
Progress Sitefinity version 9.1 suffers from cross site scripting, broken session management, and open redirection vulnerabilities. ======================================================================= title: Multiple vulnerabilities product: Progress Sitefinity vulnerable version: 9.1 fixed...
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leadi...
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leadi...
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leadi...
CVE-2017-9248
CVE-2017-9248 affects Progress Telerik UI for ASP.NET AJAX (and Sitefinity) prior to R2 2017 SP1 / 10.0.6412.0. The vulnerability lies in Telerik.Web.UI.dll handling of the Telerik.Web.UI.DialogParametersEncryptionKey and the MachineKey, enabling an attacker to defeat cryptographic protection and...
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leadi...
Sitefinity Enterprise v7.2.53 - Persistent Vulnerability
Document Title: =============== Sitefinity Enterprise v7.2.53 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1369 Release Date: ============= 2015-01-06 Vulnerability Laboratory ID VL-ID: ====================================...
Sitefinity Enterprise 7.2.53 Script Insertion
Document Title: =============== Sitefinity Enterprise v7.2.53 - Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1369 Release Date: ============= 2015-01-06 Vulnerability Laboratory ID VL-ID: ====================================...
Sitefinity Enterprise v7.2.53 - Persistent UI Vulnerability
Document Title: =============== Sitefinity Enterprise v7.2.53 - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1369 Release Date: ============= 2015-01-06 Vulnerability Laboratory ID VL-ID: ===================================...
Sitefinity Enterprise v7.2.53 - Persistent UI Vulnerability
Document Title: =============== Sitefinity Enterprise v7.2.53 - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1369 Release Date: ============= 2015-01-06 Vulnerability Laboratory ID VL-ID: ===================================...
Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
No description provided by source. ============================================================= Sitefinity CMS ASP.NET Shell Upload Vulnerability ============================================================= Exploit Title: Sitefinity CMS ASP.NET Shell Upload Vulnerability DDate: 16/11/2010 Autho...
Sitefinity CMS Detection
The remote host hosts Sitefinity, a web-based content management system CMS written in ASP.NET. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid51118; scriptversion"1.7";...
Sitefinity CMS Arbitrary File Upload
The Sitefinity ASP.NET CMS install hosted on the remote web server may be affected by an arbitrary file upload vulnerability because it does not properly sanitize input data. Note that Nessus did not actually test for the flaw but instead has relied on the version in Sitefinity's banner...
Sitefinity CMS Shell Upload
============================================================= Sitefinity CMS ASP.NET Shell Upload Vulnerability ============================================================= Exploit Title: Sitefinity CMS ASP.NET Shell Upload Vulnerability DDate: 16/11/2010 Author: Net.Edit0r Software Link:...
Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
Exploit for asp platform in category web applications =================================================== Sitefinity CMS ASP.NET Shell Upload Vulnerability =================================================== Exploit Title: Sitefinity CMS ASP.NET Shell Upload Vulnerability DDate: 16/11/2010 Author...
Sitefinity CMS - ASP.NET Arbitrary File Upload
Sitefinity CMS - ASP.NET Arbitrary File Upload ============================================================= Sitefinity CMS ASP.NET Shell Upload Vulnerability ============================================================= Exploit Title: Sitefinity CMS ASP.NET Shell Upload Vulnerability DDate:...
Sitefinity CMS - 'ASP.NET' Arbitrary File Upload
============================================================= Sitefinity CMS ASP.NET Shell Upload Vulnerability ============================================================= Exploit Title: Sitefinity CMS ASP.NET Shell Upload Vulnerability DDate: 16/11/2010 Author: Net.Edit0r Software Link:...