CVE-2023-35390 .NET and Visual Studio Remote Code Execution Vulnerability

...

CVE-2021-46703

In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment if users can externally control template contents. NOTE: This vulnerability only affects products that are no longer supported by the maintain...

CVE-2018-17058

An issue was discovered in JABA XPress Online Shop through 2018-09-14. It contains an arbitrary file upload vulnerability in the picture-upload feature of ProductEdit.aspx. An authenticated attacker may bypass the frontend filename validation and upload an arbitrary file via FileUploader.aspx.cs ...

Microsoft Windows multiple security vulnerabilities

.Net code execution, comctl32.dll integer overflow...

ScrewTurn-Wiki_08_008.txt

Portcullis Security Advisory 08008 Vulnerable System: ScrewTurn Wiki www.screwturn.eu. Vulnerability Title: Permanent Cross-site Scripting in the "System Log" page. Vulnerability Discovery And Development: Portcullis Security Testing Services. Credit For Discovery: Ferruh Mavituna - Portcullis...