21 matches found
Remote Code Execution (RCE)
CSLA .NET is vulnerable to remote code execution RCE. The vulnerability is due to the use of the obsolete NetDataContractSerializer NDCS in WcfProxy, which allows an attacker to execute arbitrary code during the deserialization process...
CVE-2025-66631
CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer NDCS and is vulnerable to remote code execution during deserialization...
CVE-2025-66631
CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer NDCS and is vulnerable to remote code execution during deserialization...
CVE-2025-66631 CSLA .NET is vulnerable to Remote Code Execution via WcfProxy
CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer NDCS and is vulnerable to remote code execution during deserialization...
CVE-2025-66631
CSLA .NET prior to 6.0.0 is vulnerable to remote code execution during deserialization when using WcfProxy, which relies on the obsolete NetDataContractSerializer (NDCS). Supported details from multiple sources show that versions 5.5.4 and below are affected, while version 6.0.0 and above remove ...
EUVD-2025-201825
CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer NDCS and is vulnerable to remote code execution during deserialization...
CVE-2025-66631 CSLA .NET is vulnerable to Remote Code Execution via WcfProxy
CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer NDCS and is vulnerable to remote code execution during deserialization...
CVE-2025-66631 CSLA .NET is vulnerable to Remote Code Execution via WcfProxy
CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer NDCS and is vulnerable to remote code execution during deserialization...
PT-2025-49778
CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer NDCS and is vulnerable to remote code execution during deserialization...
GHSA-WQ34-7F4G-953V Csla affected by Remote Code Execution via WcfProxy (NetDataContractSerializer)
Impact Versions of CSLA .NET prior to version 6 allow the use of WcfProxy. WcfProxy uses the NetDataContractSerializer NDCS which has known vulnerabilities that can allow remote execution of code during deserialization. NDCS itself is considered obsolete, and you should avoid using WcfProxy or...
Csla affected by Remote Code Execution via WcfProxy (NetDataContractSerializer)
Impact Versions of CSLA .NET prior to version 6 allow the use of WcfProxy. WcfProxy uses the NetDataContractSerializer NDCS which has known vulnerabilities that can allow remote execution of code during deserialization. NDCS itself is considered obsolete, and you should avoid using WcfProxy or...
CVE-2024-28698
Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component...
GHSA-9XHH-3M78-GVGJ CLSA Directory Traversal vulnerability
Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component. Fixes for this issue have been backported to the 5.x, 6.x, and 7.x branches of CSLA. CSLA version 5.5.4 contains a fix. A...
CLSA Directory Traversal vulnerability
Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component. Fixes for this issue have been backported to the 5.x, 6.x, and 7.x branches of CSLA. CSLA version 5.5.4 contains a fix. A...
CVE-2024-28698
Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component...
CVE-2024-28698
Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component...
CVE-2024-28698
CVE-2024-28698 describes a Directory Traversal vulnerability in the Marimer LLC CSLA .Net framework prior to 8.0, enabling remote code execution via crafted scripts passed to the MobileFormatter component. Multiple sources corroborate that lack of validation of directory traversal sequences in Mo...
CVE-2024-28698
Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component...
CVE-2024-28698
Directory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted script to the MobileFormatter component...
MAL-2024-4456 Malicious code in Csla.Windows.Forms.Net (NuGet)
--- -= Per source details. Do not edit below this line.=-...