CVE-2026-5261

A vulnerability was identified in Shandong Hoteam InforCenter PLM up to 8.3.8. The impacted element is the function uploadFileToIIS of the file /Base/BaseHandler.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit i...

CVE-2026-5261

A vulnerability was identified in Shandong Hoteam InforCenter PLM up to 8.3.8. The impacted element is the function uploadFileToIIS of the file /Base/BaseHandler.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit i...

CVE-2026-2821

A weakness has been identified in Fujian Smart Integrated Management Platform System up to 7.5. Impacted is an unknown function of the file /Module/CRXT/Controller/XCamera.ashx. This manipulation of the argument ChannelName causes sql injection. Remote exploitation of the attack is possible. The...

CVE-2026-2821 Fujian Smart Integrated Management Platform System XCamera.ashx sql injection

A weakness has been identified in Fujian Smart Integrated Management Platform System up to 7.5. Impacted is an unknown function of the file /Module/CRXT/Controller/XCamera.ashx. This manipulation of the argument ChannelName causes sql injection. Remote exploitation of the attack is possible. The...

CVE-2026-2820 Fujian Smart Integrated Management Platform System XAccessPermissionPlus.ashx sql injection

A security flaw has been discovered in Fujian Smart Integrated Management Platform System up to 7.5. This issue affects some unknown processing of the file /Module/CRXT/Controller/XAccessPermissionPlus.ashx. The manipulation of the argument DeviceIDS results in sql injection. The attack may be...

CVE-2026-2820

The vulnerability CVE-2026-2820 affects Fujian Smart Integrated Management Platform System (firmware/version up to 7.5). The issue lies in processing of the file /Module/CRXT/Controller/XAccessPermissionPlus.ashx where manipulating the DeviceIDS argument triggers an SQL injection. Attack vector i...

CVE-2023-7334 Changjetong T+ <= 16.x GetStoreWarehouseByStore Deserialization RCE

Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...

CVE-2023-7334 Changjetong T+ <= 16.x GetStoreWarehouseByStore Deserialization RCE

Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...

VulnCheck KEV: CVE-2023-7334

Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...

CVE-2025-35053

Newforma Info Exchange NIX accepts requests to '/UserWeb/Common/MarkupServices.ashx' specifying the 'DownloadExportedPDF' command that allow an authenticated user to read and delete arbitrary files with 'NT AUTHORITY\NetworkService' privileges. In Newforma before 2023.1, anonymous access is enabl...

CVE-2025-35058

Newforma Info Exchange (NIX) contains a vulnerable endpoint /UserWeb/Common/MarkupServices.ashx that can be triggered by a remote, unauthenticated attacker to force NIX to establish an SMB connection to an attacker‑controlled system, enabling the attacker to capture the NTLMv2 hash of the configu...

CVE-2025-35053 Newforma Info Exchange (NIX) arbitrary file read and delete

Newforma Info Exchange NIX accepts requests to '/UserWeb/Common/MarkupServices.ashx' specifying the 'DownloadExportedPDF' command that allow an authenticated user to read and delete arbitrary files with 'NT AUTHORITY\NetworkService' privileges. In Newforma before 2023.1, anonymous access is enabl...

EUVD-2020-3948

Malware in sbrugna...

CVE-2025-34163

Dongsheng Logistics Software exposes an unauthenticated endpoint at /CommMng/Print/UploadMailFile that fails to enforce proper file type validation and access control. An attacker can upload arbitrary files, including executable scripts such as .ashx, via a crafted multipart/form-data POST reques...

CVE-2020-11598

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Upload.ashx allows remote attackers to execute arbitrary code by uploading and executing an ASHX file...

CVE-2024-41511

A Path Traversal Local File Inclusion vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local files via the "path" parameter...

CVE-2024-42679

SQL Injection vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the/ajax/Login.ashx component...

CVE-2024-33881

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter...

CVE-2024-28891

SQL injection vulnerability exists in the script HandlerCFG.ashx...

CVE-2024-25937

SQL injection vulnerability exists in the script DIAEtagHandler.ashx...