Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asp.net vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29035
Umbraco is an ASP.NET CMS. Failing webhooks logs are available when solution is not in debug mode. Those logs can contain information that is critical. This vulnerability is fixed in 13.1.1.
7.5
CVSSv2
CVE-2006-2042
Adobe Dreamweaver 8 prior to 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
Adobe Dreamweaver 7.0
Adobe Dreamweaver 8.0
5
CVSSv2
CVE-2009-3830
The download functionality in Team Services in Microsoft Office SharePoint Server 2007 12.0.0.4518 and 12.0.0.6219 allows remote malicious users to read ASP.NET source code via pathnames in the SourceUrl and Source parameters to _layouts/download.aspx.
Microsoft Sharepoint Server 2007
1 EDB exploit
5
CVSSv2
CVE-2010-4225
Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x prior to 2.8.2 allows remote malicious users to obtain the source code for .aspx (ASP.NET) applications via unknown vectors related to an "unloading bug."
Mono Mono 2.8
Mono Mono 2.8.1
7.5
CVSSv2
CVE-2013-4793
The update function in umbraco.webservices/templates/templateService.cs in the TemplateService component in Umbraco CMS prior to 6.0.4 does not require authentication, which allows remote malicious users to execute arbitrary ASP.NET code via a crafted SOAP request.
Umbraco Umbraco Cms
4.3
CVSSv2
CVE-2010-2085
The default configuration of ASP.NET in Microsoft .NET prior to 1.1 has a value of FALSE for the EnableViewStateMac property, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via the __VIEWSTATE parameter.
Microsoft .net Framework 1.0
Microsoft .net Framework
7.5
CVSSv2
CVE-2018-7679
Micro Focus Solutions Business Manager versions before 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution.
Microfocus Solutions Business Manager
4.3
CVSSv2
CVE-2015-6099
Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote malicious users to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
6
CVSSv2
CVE-2012-0729
Unrestricted file upload vulnerability in IBM Rational AppScan Enterprise 5.x and 8.x prior to 8.5.0.1 allows remote authenticated users to execute arbitrary ASP.NET code by uploading a .aspx file, and then accessing it via unspecified vectors.
Ibm Rational Appscan 5.4
Ibm Rational Appscan 5.5.0.1
Ibm Rational Appscan 8.0.0.3
Ibm Rational Appscan 8.0.0
Ibm Rational Appscan 8.0.1
Ibm Rational Appscan 5.5.0.2
Ibm Rational Appscan 5.5.0
Ibm Rational Appscan 8.0.1.1
Ibm Rational Appscan 8.5.0
Ibm Rational Appscan 5.2
Ibm Rational Appscan 8.0.0.1
Ibm Rational Appscan 8.0.0.2
Ibm Rational Appscan 5.6.0.3
Ibm Rational Appscan 5.6.0
Ibm Rational Appscan 8.5.0.0
4.3
CVSSv2
CVE-2017-9140
Cross-site scripting (XSS) vulnerability in Telerik.ReportViewer.WebForms.dll in Telerik Reporting for ASP.NET WebForms Report Viewer control before R1 2017 SP2 (11.0.17.406) allows remote malicious users to inject arbitrary web script or HTML via the bgColor parameter to Telerik...
Progress Telerik Reporting
Progress Sitefinity Cms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »