38 matches found
EUVD-2022-3185
Malicious code in bioql PyPI...
EUVD-2024-52869
Malicious code in bioql PyPI...
EUVD-2024-52870
Malicious code in bioql PyPI...
Progress多款产品 跨站脚本漏洞
Progress Telerik UI for ASP.NET Core and others are products of Progress, Inc.Progress Telerik UI for ASP.NET Core is a set of UI component libraries for building cross-platform responsive web applications.Progress Telerik UI for Progress Telerik UI for ASP.NET MVC is a library of UI components f...
CVE-2024-40502
SQL injection vulnerability in Hospital Management System Project in ASP.Net MVC 1 allows aremote attacker to execute arbitrary code via the btnloginbClick function of the Loginpage.aspx...
CVE-2024-55969
DocIO in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 throws XMLException during the resaving of a DOCX document with an external reference XML, aka I640714...
CVE-2024-55970
File Manager in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 has a traversal issue that is related to the request parameter, aka I644734...
CVE-2024-55969
DocIO in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 throws XMLException during the resaving of a DOCX document with an external reference XML, aka I640714...
CVE-2024-55969
DocIO in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 throws XMLException during the resaving of a DOCX document with an external reference XML, aka I640714...
CVE-2024-55970
File Manager in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 has a traversal issue that is related to the request parameter, aka I644734...
CVE-2024-55969
CVE-2024-55969 affects the DocIO component of Syncfusion Essential Studio for ASP.NET MVC prior to version 27.1.55 . The vulnerability occurs when resaving a DOCX document with an external reference XML, where an XMLException is thrown, potentially impacting document processing and availability. ...
CVE-2024-40502
SQL injection vulnerability in Hospital Management System Project in ASP.Net MVC 1 allows aremote attacker to execute arbitrary code via the btnloginbClick function of the Loginpage.aspx...
CVE-2024-40502
SQL injection vulnerability in Hospital Management System Project in ASP.Net MVC 1 allows aremote attacker to execute arbitrary code via the btnloginbClick function of the Loginpage.aspx...
CVE-2024-40502
CVE-2024-40502 affects Hospital Management System Project in ASP.Net MVC 1. The vulnerability is an SQL injection in the btn_login_b_Click function of Loginpage.aspx, caused by concatenating user inputs (txt_login_username.Text and txt_login_pass.Text) into an SQL query without proper parameteriz...
CVE-2024-40502
SQL injection vulnerability in Hospital Management System Project in ASP.Net MVC 1 allows aremote attacker to execute arbitrary code via the btnloginbClick function of the Loginpage.aspx...
Hospital Management System Project In ASP.Net MVC 1 SQL Injection Vulnerability
Hospital Management System Project in ASP.Net MVC version 1 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Exploit Title: Hospital Management System Project in ASP.Net MVC - SQL Injection / Authentication Bypass Date: 07/16/2024 Exploit Author: 0xMykull...
Improper Access Control in Telerik Extensions
Telerik Extensions for ASP.NET MVC all versions does not whitelist requests, which can allow a remote attacker to access files inside the server's web directory. NOTE: this product has been obsolete since June 2013...
GHSA-8H7P-QJV8-9MP4 Improper Access Control in Telerik Extensions
Telerik Extensions for ASP.NET MVC all versions does not whitelist requests, which can allow a remote attacker to access files inside the server's web directory. NOTE: this product has been obsolete since June 2013...
PageAdminCMS of Zhongshan Huatuo Information Technology Co., Ltd. suffers from arbitrary file downloading vulnerability
PageAdminCMS is a self-service website building system based on asp.net mvc development. Ltd. PageAdminCMS arbitrary file download vulnerability, attackers can use the vulnerability to obtain sensitive information...
total.js Remote Code Execution Vulnerability
total.js is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP.NET MVC. It can be used as web, desktop, service or IoT application. Affected versions of this package are vulnerable to Remote Code Execution RCE via set. PoC js // To be ru...