17 matches found
CVE-2026-6022
In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...
CVE-2026-21629
The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...
EUVD-2026-17853
The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...
CVE-2026-21629
The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...
CVE-2026-21629 Joomla! Core - [20260301] - ACL hardening in com_ajax
The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers...
CVE-2024-42679
SQL Injection vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the/ajax/Login.ashx component...
CVE-2024-42679
SQL Injection vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the/ajax/Login.ashx component...
CVE-2024-40394
Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an arbitrary file upload vulnerability via the component ajax.php...
CVE-2024-40394
Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an arbitrary file upload vulnerability via the component ajax.php...
PT-2024-28826 · Unknown · Simple Library Management System Project Using Php/Mysql
Name of the Vulnerable Software and Affected Versions: Simple Library Management System Project Using PHP/MySQL version 1.0 Description: The issue is related to an arbitrary file upload vulnerability. This vulnerability is present in the ajax.php component. Recommendations: For version 1.0,...
CVE-2024-40394
Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an arbitrary file upload vulnerability via the component ajax.php...
PT-2024-14043 · Unknown · Qstar Archive Solutions
Name of the Vulnerable Software and Affected Versions: QStar Archive Solutions version RELEASE 3-0 Build 7 Patch 0 Description: A DOM Based reflected XSS issue was found in the qnme-ajax component, specifically in the "method=tree table" part. This could potentially allow for malicious script...
CVE-2023-33664
ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php...
CVE-2023-33664
ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php...
PT-2021-24209 · Unknown · Simple Forum-Discussion System
Name of the Vulnerable Software and Affected Versions: Simple Forum-Discussion System version 1.0 Description: The issue affects the Simple Forum-Discussion System, allowing an attacker to retrieve all information from the database. This is possible due to multiple SQL injection vulnerabilities...
sysPass 1.0.9 - SQL Injection
sysPass 1.0.9 - SQL Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-031 Product: sysPass Vendor: http://cygnux.org/ Affected Versions: 1.0.9 and below Tested Versions: 1.0.9 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Fixed Vendor...
sysPass 1.0.9 - SQL Injection Vulnerability
Exploit for php platform in category web applications Product: sysPass Vendor: http://cygnux.org/ Affected Versions: 1.0.9 and below Tested Versions: 1.0.9 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Fixed Vendor Notification: 2014-07-27 Solution Date: 2014-08-04...