Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asp.net vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2217
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote malicious users to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadat...
Telerik Ui For Asp.net Ajax
1 Github repository
9.8
CVSSv3
CVE-2017-11357
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote malicious users to perform arbitrary file uploads or execute arbitrary code.
Telerik Ui For Asp.net Ajax
1 EDB exploit
4 Github repositories
9.8
CVSSv3
CVE-2019-18935
Progress Telerik UI for ASP.NET AJAX up to and including 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This is exploitable when the encryption keys are known due to the presence of CVE-2017-11317 or CVE-2017-11357, or other means. Explo...
Telerik Ui For Asp.net Ajax
17 Github repositories
2 Articles
NA
CVE-2009-4665
Directory traversal vulnerability in CuteSoft_Client/CuteEditor/Load.ashx in CuteSoft Components Cute Editor for ASP.NET allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Cutesoft Components Cute Editor For Asp.net
1 EDB exploit
7.5
CVSSv3
CVE-2022-41479
The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. This leads to an Insecure Direct Object References (IDOR) vulnerability which allows malicious users...
Devexpress Asp.net Web Forms Controls 19.2.3
9.8
CVSSv3
CVE-2021-28141
An issue exists in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to MicrosoftAjax.js through the Telerik.Web.UI.WebResource.axd file. This may allow the malicious user to gain unauthorized access to the server and execute code. To exploit, one mus...
Telerik Ui For Asp.net Ajax 2021.1.224
5.3
CVSSv3
CVE-2018-17060
Telerik Extensions for ASP.NET MVC (all versions) does not whitelist requests, which can allow a remote malicious user to access files inside the server's web directory. NOTE: this product has been obsolete since June 2013.
Progress Telerik Extensions For Asp.net Mvc
7.5
CVSSv3
CVE-2020-1597
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without auth...
Microsoft Asp.net Core 2.1
Microsoft Asp.net Core 3.1
Microsoft Visual Studio 2019
Microsoft Visual Studio 2017
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.5
CVSSv3
CVE-2024-21386
.NET Denial of Service Vulnerability
Microsoft Asp.net Core
Microsoft Visual Studio 2022
7.5
CVSSv3
CVE-2024-21404
.NET Denial of Service Vulnerability
Microsoft Asp.net Core
Microsoft Visual Studio 2022
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »