CVE-2026-1694 Server configuration details in HTTP headers

HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It unnecessarily exposes sensitive information...

CVE-2026-1694

HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It unnecessarily exposes sensitive information...

CVE-2023-53950

InnovaStudio WYSIWYG Editor 5.4 contains an unrestricted file upload vulnerability that allows attackers to bypass file extension restrictions through filename manipulation. Attackers can upload malicious ASP shells by using null byte techniques and alternate file extensions to circumvent upload...

ROS-20251124-01

A vulnerability in the ASP.NET Core software platform and Microsoft's software development tool, Visual Studio, is related to authentication bypass. Visual Studio is related to authentication bypass. Exploitation of the vulnerability could allow an attacker, acting remotely to escalate their...

EUVD-2008-2401

Malware in sbrugna...

EUVD-2008-2398

Malware in sbrugna...

EUVD-2008-2400

Malware in sbrugna...

EUVD-2008-2396

Malware in sbrugna...

AndSoft e-TMS 跨站脚本漏洞

AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...

CVE-2023-31326

Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment TEE driver, potentially leading to loss of confidentiality...

Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service', 'Description' = %q The vulnerability allows remote unauthenticated attackers to force...

Carrier MASmobile Security Breach

Carrier MASmobile is a dedicated MASterMind service from Carrier Corporation of America. It allows authorized central station personnel and dealers to use mobile devices to manage customer data, turn system tests on or off, and view system event history, test history and system zones. A security...

PT-2023-8274 · Amd +1 · Amd Asp Handler +1

Name of the Vulnerable Software and Affected Versions: AMD ASP Handler affected versions not specified Description: The issue is related to improper address validation in ASP with SNP enabled, which may allow an attacker to compromise guest memory integrity. It is also described as a buffer...

PT-2023-4293

Name of the Vulnerable Software and Affected Versions ASP.NET affected versions not specified Description The issue is related to an elevation-of-privilege vulnerability in ASP.NET, which allows attackers to affect the system. This vulnerability is associated with insufficient access controls in...

CVE-2023-32628

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution...

PT-2023-12088 · Microsoft · Asp

Name of the Vulnerable Software and Affected Versions: ASP affected versions not specified Description: Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL, which may cause arbitrary memory values to be initialized to zero, potentially leading t...

Umbraco Forms 代码问题漏洞

Umbraco Forms is a form builder. A security vulnerability exists in Umbraco Forms version v.8.7.0 that originates from a vulnerability that allows an unauthenticated attacker to execute arbitrary code via a crafted web.config and asp file...

SUSE CVE-2008-2404

Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages ASP Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field...

SUSE CVE-2010-4225

Unspecified vulnerability in the modmono module for XSP in Mono 2.8.x before 2.8.2 allows remote attackers to obtain the source code for .aspx ASP.NET applications via unknown vectors related to an "unloading bug."...

CVE-2021-46767

Insufficient input validation in the ASP may allow an attacker with physical access, unauthorized write access to memory potentially leading to a loss of integrity or denial of service...