203 matches found
PT-2025-17934
Name of the Vulnerable Software and Affected Versions ScreenConnect versions 25.2.3 and earlier Description The issue concerns a ViewState code injection attack in ScreenConnect, which uses ASP.NET Web Forms to preserve page and control state. The data is encoded using Base64 and protected by...
Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key Vulnerability
Gladinet CentreStack and Triofox contains a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for ViewState integrity verification. Successful exploitation allows an attacker to forge ViewState payloads for server-side deserialization, allowing fo...
VulnCheck KEV: CVE-2025-30406
Gladinet CentreStack and Triofox contains a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for ViewState integrity verification. Successful exploitation allows an attacker to forge ViewState payloads for server-side deserialization, allowing...
Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks
Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys from publicly accessible resources, thereby putting their applications in attackers' pathway. The tech giant's threat intelligence team said it observed limited...
CVE-2024-7874
Tungsten Automation Kofax TotalAgility in versions all through 7.9.0.25.0.954 is vulnerable to a Reflected XSS attacks through mfpConnectionId parameter manipulation in a form sent to endpoints "/TotalAgility/Kofax/BrowserDevice/ScanFront.aspx"...
CVE-2024-7875
CVE-2024-7875 affects Tungsten Automation (Kofax) TotalAgility up to version 7.9.0.25.0.954. The vulnerability is a Reflected XSS in the ScanFront.aspx endpoints where mfpScreenResolutionWidth is manipulated via POST data. An attacker can inject JavaScript code, leading to information disclosure,...
CVE-2024-7874 XSS in Tungsten Automation TotalAgility
Tungsten Automation Kofax TotalAgility in versions all through 7.9.0.25.0.954 is vulnerable to a Reflected XSS attacks through mfpConnectionId parameter manipulation in a form sent to endpoints "/TotalAgility/Kofax/BrowserDevice/ScanFront.aspx"...
CVE-2024-7874
CVE-2024-7874 affects Tungsten Automation TotalAgility versions up to 7.9.0.25.0.954. The vulnerability is a Reflected Cross‑Site Scripting (XSS) via the mfpConnectionId parameter in forms posted to /TotalAgility/Kofax/BrowserDevice/ScanFront.aspx and /TotalAgility/Kofax/BrowserDevice/ScanFrontDe...
PT-2024-38650 · Kofax · Totalagility
Name of the Vulnerable Software and Affected Versions: Tungsten Automation Kofax TotalAgility versions all through 7.9.0.25.0.954 Description: The issue is a Reflected XSS vulnerability that can be exploited through manipulation of the mfpConnectionId parameter in a form sent to endpoints...
VulnCheck KEV: CVE-2024-13980
H3C Intelligent Management Center IMC versions up to and including E0632H07 contains a remote command execution vulnerability in the /byod/index.xhtml endpoint. Improper handling of JSF ViewState allows unauthenticated attackers to craft POST requests with forged javax.faces.ViewState...
VulnCheck KEV: CVE-2023-41642
Multiple reflected cross-site scripting XSS vulnerabilities in the ErroreNonGestito.aspx component of GruppoSCAI RealGimm 1.1.37p38 allow attackers to execute arbitrary Javascript in the context of a victim user's browser via a crafted payload injected into the VIEWSTATE parameter...
CVE-2024-5675
Untrusted data deserialization vulnerability has been found in Mentor - Employee Portal, affecting version 3.83.35. This vulnerability could allow an attacker to execute arbitrary code, by injecting a malicious payload into the “ViewState” field...
CVE-2024-5675
Untrusted data deserialization vulnerability has been found in Mentor - Employee Portal, affecting version 3.83.35. This vulnerability could allow an attacker to execute arbitrary code, by injecting a malicious payload into the “ViewState” field...
CVE-2024-5675 Unreliable data deserialization vulnerability in Mentor
Untrusted data deserialization vulnerability has been found in Mentor - Employee Portal, affecting version 3.83.35. This vulnerability could allow an attacker to execute arbitrary code, by injecting a malicious payload into the “ViewState” field...
CVE-2024-5675 Unreliable data deserialization vulnerability in Mentor
Untrusted data deserialization vulnerability has been found in Mentor - Employee Portal, affecting version 3.83.35. This vulnerability could allow an attacker to execute arbitrary code, by injecting a malicious payload into the “ViewState” field...
CVE-2024-5675
CVE-2024-5675 affects Mentor – Employee Portal (version 3.83.35). Untrusted data deserialization in the ViewState field can allow arbitrary code execution. Networks and no user interaction are required per CVSS data; impact is high across confidentiality, integrity and availability. No remediatio...
Metasploit Wrap-Up 03/15/2024
New module content 3 GitLab Password Reset Account Takeover Authors: asterion04 and h00die Type: Auxiliary Pull request: 18716 contributed by h00die Path: admin/http/gitlabpasswordresetaccounttakeover AttackerKB reference: CVE-2023-7028 Description: This adds an exploit module that leverages an...
CVE-2023-34209
Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the absolute path via unencrypted VIEWSTATE parameter...
CVE-2023-34209
Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the absolute path via unencrypted VIEWSTATE parameter...
CVE-2023-34209 Exposure of Sensitive System Information to an Unauthorized Control Sphere in EasyUse MailHunter Ultimate
Exposure of Sensitive System Information to an Unauthorized Control Sphere in create template function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to obtain the absolute path via unencrypted VIEWSTATE parameter...