11 matches found
CVE-2026-50649
A flaw was found in .NET. This vulnerability allows an unauthorized attacker to execute code locally by exploiting a deserialization of untrusted data. This means that if an attacker can provide specially crafted data, the .NET application may process it in a way that leads to the execution of...
.NET Remote Code Execution Vulnerability
Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally...
CVE-2023-7334
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...
CVE-2023-7334
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...
CVE-2023-7334 Changjetong T+ <= 16.x GetStoreWarehouseByStore Deserialization RCE
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...
CVE-2023-7334
The CVE-2023-7334 entry affects Changjetong T+ versions up to 16.x. It describes a .NET deserialization vulnerability in an AjaxPro endpoint that allows remote code execution. An attacker can craft a request to /tplus/ajaxpro/Ufida.T.CodeBehind._PriorityLevel,App_Code.ashx?method=GetStoreWarehous...
Chanjet TPlus code issue vulnerabilities
Chanjet TPlus is an enterprise cloud platform developed by Chanjet Corporation. Versions of Chanjet TPlus 16.x and earlier contained a code vulnerability caused by a .NET deserialization issue in the AjaxPro endpoint, which could lead to remote code execution...
VulnCheck KEV: CVE-2023-7334
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...
CVE-2025-10363 Unauthenticated RCE via .NET Deserialization in Topal Finance Software
Deserialization of Untrusted Data vulnerability in Topal Solutions AG Topal Finanzbuchhaltung on Windows allows Remote Code Execution.This issue affects at least Topal Finanzbuchhaltung: 10.1.5.20 and is fixed in version 11.2.12.00...
CVE-2023-40044
In WSFTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WSFTP Server operating system...
dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML
A flaw was found in dotnet. This issue can allow bypass restrictions when deserializing a DataSet or DataTable from XML...