Pagelime CMS XSS / Credential Disclosure

================================================================================================================================================= PAGELIME CMS jQuery Cross Site Scripting / Unencrypted VIEWSTATE parameter / User credentials are sent in clear text / Login page password-guessing...

CVE-2010-4514

CVE-2010-4514 is an XSS vulnerability in DotNetNuke 5.05.01 and 5.06.00, affecting Install/InstallWizard.aspx. The underlying issue is improper handling of the __VIEWSTATE parameter, allowing remote attackers to inject arbitrary web script or HTML. Limited by the provided docs, exploitation statu...

Microsoft .NET '__VIEWSTATE' Cross-Site Scripting vulnerability

Microsoft .NET is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft .NET '__VIEWSTATE' Cross-Site Scripting vulnerability

The host is running Microsoft .NET and is prone to Cross-Site Scripting Vulnerability. OpenVAS Vulnerability Test $Id: gbmsdotnetviewstatexssvuln.nasl 6519 2017-07-04 14:08:14Z cfischer $ Microsoft .NET 'VIEWSTATE' Cross-Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright c 201...

CVE-2005-1665

The VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service CPU consumption via deeply nested markup...

ASP.NET __VIEWSTATE crypto validation prone to replay attacks

Good morning, ASP.NET's extremely popular VIEWSTATE functionality provides an automatic, uniform method for storing current state of all webpage "controls" including form fields, database views, etc, so that user-entered data automagically persists and is populated across newly rendered HTML, and...