Vulmon
ajax vulnerabilities and exploits
4.3
CVSSv2
CVE-2006-2345
Cross-site scripting (XSS) vulnerability in inc/elementz.php in AliPAGER 1.5 allows remote malicious users to inject arbitrary web script or HTML via the ubild parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. N...
Roostercode Ajax Softwares Alipager 1.5
5
CVSSv2
CVE-2015-4153
Directory traversal vulnerability in the zM Ajax Login & Register plugin prior to 1.1.0 for WordPress allows remote malicious users to include and execute arbitrary php files via a relative path in the template parameter in a load_template action to wp-admin/admin-ajax.php.
Zanematthew Zm Ajax Login & Register
1 EDB exploit
7.5
CVSSv2
CVE-2021-28141
An issue exists in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to MicrosoftAjax.js through the Telerik.Web.UI.WebResource.axd file. This may allow the malicious user to gain unauthorized access to the server and execute code. To exploit, one mus...
Telerik Ui For Asp.net Ajax 2021.1.224
7.5
CVSSv2
CVE-2019-8293
Due to a logic error in the code, upload-image-with-ajax v1.0 allows arbitrary files to be uploaded to the web root allowing code execution.
Abcprintf Upload-image-with-ajax 1.0
6.8
CVSSv2
CVE-2021-40909
Cross site scripting (XSS) vulnerability in sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial v1 by oretnom23, allows remote malicious users to execute arbitrary code via the first_name, last_name, and email parameters to /ajax_crud.
Php Crud Without Refresh/reload Using Ajax And Datatables Tutorial Project Php Crud Without Refresh/reload Using Ajax And Datatables Tutorial 1.0
7.5
CVSSv2
CVE-2019-19790
Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote malicious user to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request. NOTE: RadChart was discontinued in 2014 in ...
Telerik Radchart
Telerik Ui For Asp.net Ajax -
7.5
CVSSv2
CVE-2007-3686
CRLF injection vulnerability in db.php in Unobtrusive Ajax Star Rating Bar prior to 1.2.0 allows remote malicious users to inject arbitrary HTTP headers and data via CRLF sequences in the HTTP_REFERER parameter.
Masuga Design Unobtrusive Ajax Star Rating Bar
7.5
CVSSv2
CVE-2007-3684
Multiple SQL injection vulnerabilities in Unobtrusive Ajax Star Rating Bar prior to 1.2.0 allow remote malicious users to execute arbitrary SQL commands via the (1) q and (2) t parameters in (a) db.php and (b) rpc.php.
Masuga Design Unobtrusive Ajax Star Rating Bar
2.6
CVSSv2
CVE-2007-3685
Cross-site scripting (XSS) vulnerability in rpc.php in Unobtrusive Ajax Star Rating Bar prior to 1.2.0 allows remote malicious users to inject arbitrary web script or HTML via the q parameter.
Masuga Design Unobtrusive Ajax Star Rating Bar
7.5
CVSSv2
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity prior to 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote malicious users to defeat cryptographic pro...
Telerik Ui For Asp.net Ajax
Telerik Sitefinity Cms
1 EDB exploit
17 Github repositories
1 Article