Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
progress sitefinity vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2017-18175
Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1.
Progress Sitefinity 9.1
578
VMScore
CVE-2017-18179
Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring authentication token that remains valid after a password change or a session termination. Also, it is transmitted as a GET parameter. This is fixed in 10.1.
Progress Sitefinity 9.1
312
VMScore
CVE-2017-18176
Progress Sitefinity 9.1 has XSS via file upload, because JavaScript code in an HTML file has the same origin as the application's own code. This is fixed in 10.1.
Progress Sitefinity 9.1
312
VMScore
CVE-2017-18177
Progress Sitefinity 9.1 has XSS via the Last name, First name, and About fields on the New User Creation Page. This is fixed in 10.1.
Progress Sitefinity 9.1
516
VMScore
CVE-2017-18178
Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40 syntax. This is fixed in 10.1.
Progress Sitefinity 9.1
668
VMScore
CVE-2017-15883
Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote malicious users to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via vectors related to weak cryptography.
Progress Sitefinity 5.1
Progress Sitefinity 5.2
Progress Sitefinity 5.3
Progress Sitefinity 5.4
Progress Sitefinity 6.0
Progress Sitefinity 6.1
Progress Sitefinity 6.2
Progress Sitefinity 6.3
Progress Sitefinity 7.0
Progress Sitefinity 7.1
Progress Sitefinity 7.2
Progress Sitefinity 7.3
Progress Sitefinity 8.0
Progress Sitefinity 8.1
Progress Sitefinity 8.2
Progress Sitefinity 9.0
Progress Sitefinity 9.1
Progress Sitefinity 9.2
Progress Sitefinity 10.0
Progress Sitefinity 10.1
760
VMScore
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity prior to 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote malicious users to defeat cryptographic pro...
Telerik Sitefinity Cms
Telerik Ui For Asp.net Ajax
1 EDB exploit
17 Github repositories
1 Article
383
VMScore
CVE-2017-9140
Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote malicious users to inject arbitrary web script or HTML via the bgColor parameter to Telerik...
Progress Telerik Reporting
Progress Sitefinity Cms
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2