Lucene search
K

3 matches found

CVE
CVE
added 2026/04/16 3:18 p.m.69 views

CVE-2026-5426

CVE-2026-5426 affects Digital Knowledge KnowledgeDeliver prior to Feb 24, 2026, due to a hard-coded ASP.NET/IIS machineKey in web.config. This flaw enables unauthenticated attackers to bypass ViewState validation and achieve remote code execution via crafted ViewState deserialization. In observed...

9.1CVSS6.4AI score0.01008EPSS
In wildExploits0References3
Vulnrichment
Vulnrichment
added 2026/04/16 3:18 p.m.3 views

CVE-2026-5426 KnowledgeDeliver deployments before February 24, 2026 use a static ASP.NET/IIS machineKey value

Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks...

6.5AI score0.01008EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/07/04 12:0 a.m.30 views

PageAdmin VIEWSTATE引发的血案

简要描述: 本想找个注入的,却发现Isstr 与其绕过不如(此处打码)直接来的痛快。 @wefgod 小弟弱弱的告诉你 ViewState不仅仅可以WooYun-2014-61699这样用,还可以这样滴哟 详细说明: 下载pageAdmin 反编译发现混淆过 蛋疼! 只好翻翻页面!各种页面各种翻 咿!尼玛 这是啥 ViewState"constr" 那就抄刀上阵吧 打开 :http://192.168.10.64:9992/e/member/index.aspx?s=1&type=memfavolst 复制然后 这是在本地搭建的 那试试官网 附上官网的...

7.1AI score
Exploits0
Rows per page
Query Builder