Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft asp.net 1.1 vulnerabilities and exploits
(subscribe to this query)
785
VMScore
CVE-2006-1364
Microsoft w3wp (aka w3wp.exe) does not properly handle when the AspCompat directive is not used when referencing COM components in ASP.NET, which allows remote malicious users to cause a denial of service (resource consumption or crash) by repeatedly requesting each of several do...
Microsoft Asp.net 1.1
Microsoft Asp.net
1 EDB exploit
755
VMScore
CVE-2004-0847
The Microsoft .NET forms authentication capability for ASP.NET allows remote malicious users to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Vali...
Microsoft Asp.net 1.1
Microsoft Asp.net
1 EDB exploit
435
VMScore
CVE-2005-0452
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote malicious users to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, includi...
Microsoft Asp.net 1.0
Microsoft Asp.net 1.1
1 EDB exploit
1 Github repository
570
VMScore
CVE-2005-1664
The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote malicious users to conduct replay attacks to (1) apply a ViewState generated from one view to a different view, (2) reuse ViewState information after the application's state has changed, or (3) use the View...
Microsoft Asp.net 1.0
Microsoft Asp.net 1.1
445
VMScore
CVE-2005-1665
The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote malicious users to cause a denial of service (CPU consumption) via deeply nested markup.
Microsoft Asp.net 1.0
Microsoft Asp.net 1.1
445
VMScore
CVE-2018-0808
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how ASP.NET web applications handle web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0784.
Microsoft Asp.net Core 1.1
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 2.0
1 Article
445
VMScore
CVE-2017-8700
ASP.NET Core 1.0, 1.1, and 2.0 allow an malicious user to bypass Cross-origin Resource Sharing (CORS) configurations and retrieve normally restricted content from a web application, aka "ASP.NET Core Information Disclosure Vulnerability".
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 1.1
Microsoft Asp.net Core 2.0
1 Article
605
VMScore
CVE-2018-0787
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability".
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 2.0
Microsoft Asp.net Core 1.1
445
VMScore
CVE-2018-8171
A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka "ASP.NET Security Feature Bypass Vulnerability." This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2.
Microsoft Asp.net Model View Controller 5.2
Microsoft Asp.net Webpages 3.2.3
Microsoft Asp.net Core 2.0
Microsoft Asp.net Core 1.1
Microsoft Asp.net Core 1.0
605
VMScore
CVE-2003-0768
Microsoft ASP.Net 1.1 allows remote malicious users to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name.
Microsoft Asp.net 1.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »