Lucene search
+L

44 matches found

OSV
OSV
added 2021/09/15 5:15 p.m.5 views

CVE-2021-39392

The management tool in MyLittleBackup up to and including 1.7 allows remote attackers to execute arbitrary code because machineKey is hardcoded the same for all customers' installations in web.config, and can be used to send serialized ASP code...

9.8CVSS6.1AI score0.02259EPSS
Exploits0References2
Hacker One
Hacker One
added 2019/02/06 2:15 a.m.129 views

U.S. Dept Of Defense: RCE on https://█████/ Using CVE-2017-9248

Summary: https://█████████/ is hosting an unpatched version of the Telerik DialogHandler Telerik.Web.UI.DialogHandler.aspx allowing for the machine key to be brute forced. The machine key can be used to access the DNN file manager to upload arbitrary files including ASPX giving a web shell and RC...

7.5CVSS0.75098EPSS
Exploits5
securityvulns
securityvulns
added 2008/03/22 12:0 a.m.46 views

DotNetNuke Default Machine Key Exposure

=========================================================== DotNetNuke Default Machine Key Exposure Public Release Date: March 20, 2008 Brian Holyfield - Gotham Digital Science [email protected] Affected Software: DotNetNuke = 4.8.1 Severity: Critical...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/03/21 12:0 a.m.51 views

dotnetnuke-expose.txt

=========================================================== DotNetNuke Default Machine Key Exposure Public Release Date: March 20, 2008 Brian Holyfield - Gotham Digital Science [email protected] Affected Software: DotNetNuke = 4.8.1 Severity: Critical...

7.4AI score
Exploits0
Rows per page
Query Builder