CVE-2010-1590

Cross-site scripting XSS vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to inject arbitrary web script or HTML via the client's DNS hostname aka the REMOTEHOST variable, related to the CookielessGenerateFilename an...

ASP.NET Cookieless Session State Enabled

.NET Framework offers an alternative to cookie based session management named 'cookieless' by allowing developers to store the session ID directly in URLs rather than in cookies. When enabled, this feature can be abused to make session hijacking attacks easier to exploit or to craft valid URLs in...

Exploit for Improper Input Validation in Microsoft

CVE-2023-36899 The CVE-2023-36899 vulnerability involves a b...

PT-2023-4293

Name of the Vulnerable Software and Affected Versions ASP.NET affected versions not specified Description The issue is related to an elevation-of-privilege vulnerability in ASP.NET, which allows attackers to affect the system. This vulnerability is associated with insufficient access controls in...

October 13, 2020-KB4578974 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1903, Windows Server, version 1903, Windows 10, version 1909, and Windows Server, version 1909

October 13, 2020-KB4578974 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1903, Windows Server, version 1903, Windows 10, version 1909, and Windows Server, version 1909 Release Date: October 13, 2020 Version: .NET Framework 3.5 and 4.8 Summary An information disclosure...

CVE-2010-1589

Directory traversal vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier might allow remote attackers to determine the existence of arbitrary files via directory traversal sequences in the client's DNS hostname aka the REMOTEHOST variable, related t...