13 matches found
TencentOS Server 3: .NET 7.0 (TSSA-2023:0182)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0182 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2010-2088
ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting XSS attacks against the form control via the VIEWSTATE parameter...
PT-2025-18084 · Devexpress · Devexpress
Name of the Vulnerable Software and Affected Versions: DevExpress versions prior to 23.1.3 Description: The issue is related to the improper protection of XtraReport serialized data in ASP.NET web forms. This affects the security of the data, potentially allowing unauthorized access or...
CVE-2025-3935
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...
CVE-2025-3935 ScreenConnect Exposure to ASP.NET ViewState Code Injection
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, with data encoded using Base64 protected by machine keys. It is important to note that to obtain these machine keys,...
dotnet6.0 security update
An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...
Microsoft .NET Framework Multiple Vulnerabilities (KB5032337)
This host is missing an important security update according to Microsoft KB5032337 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
CVE-2023-36560 ASP.NET Security Feature Bypass Vulnerability
...
[SCIP] Indentify, Enumerate & Execute Invisible ASP.net Controls
SCIP is an OWASP ZAP extension designed to assess the security of ASP.net and Mono applications, while abusing platform specific behaviors and misconfigurations. The extension currently supports the following features: Identify the existence of invisible, commented and disabled server side web...
asp.net padding oracle 代码泄露
No description provided by source...
Microsoft .Net Framework ASP.NET crossite scripting
By using Unicode characters 0xff-0xff60 it's possible to bypass special charactesr filtering in ASP.NET application...
ASP.NET crossite scripting protection bypass
It's possible to insert null character after tag opening...
Detectoid for ASP.NET v4.0
...