4 matches found
EUVD-2015-4689
Malware in sbrugna...
CVE-2015-4670
Directory traversal vulnerability in the AjaxFileUpload control in DevExpress AJAX Control Toolkit aka AjaxControlToolkit before 15.1 allows remote attackers to write to arbitrary files via a .. dot dot in the fileId parameter to AjaxFileUploadHandler.axd...
Directory traversal
Directory traversal vulnerability in the AjaxFileUpload control in DevExpress AJAX Control Toolkit aka AjaxControlToolkit before 15.1 allows remote attackers to write to arbitrary files via a .. dot dot in the fileId parameter to AjaxFileUploadHandler.axd...
CVE-2015-4670
CVE-2015-4670 affects the AjaxFileUpload control in the AjaxControlToolkit (Ajax Control Toolkit) before 15.1. The issue: the uploaded file’s fileId GUID is not validated, allowing directory traversal with “..” to write files to arbitrary locations via AjaxFileUploadHandler.axd. Veracode and rela...