3 matches found
CVE-2026-5426
CVE-2026-5426 affects Digital Knowledge KnowledgeDeliver prior to Feb 24, 2026, due to a hard-coded ASP.NET/IIS machineKey in web.config. This flaw enables unauthenticated attackers to bypass ViewState validation and achieve remote code execution via crafted ViewState deserialization. In observed...
CVE-2026-5426 KnowledgeDeliver deployments before February 24, 2026 use a static ASP.NET/IIS machineKey value
Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks...
PageAdmin VIEWSTATE引发的血案
简要描述: 本想找个注入的,却发现Isstr 与其绕过不如(此处打码)直接来的痛快。 @wefgod 小弟弱弱的告诉你 ViewState不仅仅可以WooYun-2014-61699这样用,还可以这样滴哟 详细说明: 下载pageAdmin 反编译发现混淆过 蛋疼! 只好翻翻页面!各种页面各种翻 咿!尼玛 这是啥 ViewState"constr" 那就抄刀上阵吧 打开 :http://192.168.10.64:9992/e/member/index.aspx?s=1&type=memfavolst 复制然后 这是在本地搭建的 那试试官网 附上官网的...