CVE-2021-28141

An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to MicrosoftAjax.js through the Telerik.Web.UI.WebResource.axd file. This may allow the attacker to gain unauthorized access to the server and execute code. To exploit, one must use the...

CVE-2025-61959

Prior to September 19, 2025, the Hospital Manager Backend Services returned verbose ASP.NET error pages for invalid WebResource.axd requests, disclosing framework and ASP.NET version information, stack traces, internal paths, and the insecure configuration 'customErrors mode="Off"', which could...

EUVD-2025-36740

Prior to September 19, 2025, the Hospital Manager Backend Services returned verbose ASP.NET error pages for invalid WebResource.axd requests, disclosing framework and ASP.NET version information, stack traces, internal paths, and the insecure configuration 'customErrors mode="Off"', which could...

CVE-2025-61959 Vertikal Systems Hospital Manager Backend Services Generation of Error Message Containing Sensitive Information

Prior to September 19, 2025, the Hospital Manager Backend Services returned verbose ASP.NET error pages for invalid WebResource.axd requests, disclosing framework and ASP.NET version information, stack traces, internal paths, and the insecure configuration 'customErrors mode="Off"', which could...

CVE-2025-61959

The CVE-2025-61959 entry concerns Vertikal Systems’ Hospital Manager Backend Services. Connected sources confirm concrete details: prior to 19 Sep 2025, the product exposed a live ASP.NET tracing endpoint (/trace.axd) without authentication, enabling remote attackers to harvest request metadata, ...

EUVD-2013-0168

Malware in sbrugna...

CVE-2013-0125

Cross-site scripting XSS vulnerability in fileview.asp in C2 WebResource allows remote attackers to inject arbitrary web script or HTML via the File parameter...

CVE-2023-6759

A vulnerability classified as problematic has been found in Thecosy IceCMS 2.0.1. This affects an unknown part of the file /WebResource/resource of the component Love Handler. The manipulation leads to improper enforcement of a single, unique action. It is possible to initiate the attack remotely...

IceCMS Security Vulnerability

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation by NgShow individual developers. A security vulnerability exists in IceCMS version 2.0.1, which originates from the presence of an unknown part of /WebResource/resource in the Love Handler component...

PT-2023-32762 · Thecosy · Thecosy Icecms

Name of the Vulnerable Software and Affected Versions: Thecosy IceCMS version 2.0.1 Description: A vulnerability has been found in Thecosy IceCMS, affecting an unknown part of the file /WebResource/resource of the component Love Handler. The manipulation leads to improper enforcement of a single,...

cekmeceet.com XSS vulnerability

Vulnerable URL: http://www.cekmeceet.com/WebResource.axd?d=%3Csvg%20onload=alert%28%27XSSPOSED%27%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 17666477 Google Pagerank| 0 V...

hitchhiker.de XSS vulnerability

Vulnerable URL: http://hitchhiker.de/WebResource.axd?d=%3Csvg%20onload=alert%28%27XSSPOSED%27%29%3E Details: Description| Value ---|--- Patched:| Yes, at 25.07.2017 Latest check for patch:| 25.07.2017 12:57 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown...

CVE-2013-0125

Cross-site scripting XSS vulnerability in fileview.asp in C2 WebResource allows remote attackers to inject arbitrary web script or HTML via the File parameter...

CVE-2013-0125

The CVE-2013-0125 entry describes a Cross-site Scripting (XSS) vulnerability in the C2 WebResource interface, specifically fileview.asp with the File parameter. The issue allows remote attackers to inject arbitrary script/HTML, enabling potential information leakage, privilege escalation, and den...

CVE-2013-0125

Cross-site scripting XSS vulnerability in fileview.asp in C2 WebResource allows remote attackers to inject arbitrary web script or HTML via the File parameter...

C2 WebResource - 'File' Cross-Site Scripting

source: https://www.securityfocus.com/bid/58838/info C2 WebResource is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the contex...

C2 WebResource - File Cross-Site Scripting

C2 WebResource - File Cross-Site Scripting source: https://www.securityfocus.com/bid/58838/info C2 WebResource is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...