9 matches found
CVE-2023-7334
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...
CVE-2023-7334 Changjetong T+ <= 16.x GetStoreWarehouseByStore Deserialization RCE
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...
CVE-2023-7334
The CVE-2023-7334 entry affects Changjetong T+ versions up to 16.x. It describes a .NET deserialization vulnerability in an AjaxPro endpoint that allows remote code execution. An attacker can craft a request to /tplus/ajaxpro/Ufida.T.CodeBehind._PriorityLevel,App_Code.ashx?method=GetStoreWarehous...
CVE-2023-7334
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...
Chanjet TPlus code issue vulnerabilities
Chanjet TPlus is an enterprise cloud platform developed by Chanjet Corporation. Versions of Chanjet TPlus 16.x and earlier contained a code vulnerability caused by a .NET deserialization issue in the AjaxPro endpoint, which could lead to remote code execution...
VulnCheck KEV: CVE-2023-7334
Changjetong T+ versions up to and including 16.x contain a .NET deserialization vulnerability in an AjaxPro endpoint that can lead to remote code execution. A remote attacker can send a crafted request to /tplus/ajaxpro/Ufida.T.CodeBehind.PriorityLevel,AppCode.ashx?method=GetStoreWarehouseByStore...
CVE-2025-10363 Unauthenticated RCE via .NET Deserialization in Topal Finance Software
Deserialization of Untrusted Data vulnerability in Topal Solutions AG Topal Finanzbuchhaltung on Windows allows Remote Code Execution.This issue affects at least Topal Finanzbuchhaltung: 10.1.5.20 and is fixed in version 11.2.12.00...
CVE-2023-40044
In WSFTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WSFTP Server operating system...
dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML
A flaw was found in dotnet. This issue can allow bypass restrictions when deserializing a DataSet or DataTable from XML...