LW-N605R devices allow remote code execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. Authentication is needed but the default password of admin for the admin account may be used in some cases.
381dfb828206901640b7a36fed462414ASP.NET jVideo Kit version 1.0 suffers from a remote SQL injection vulnerability.
446e636ca5035f35b4ff0efa533d29fcASP.NET Core version 5.-RC1 suffers from an HTTP header injection vulnerability.
28fbb855c6805f6d739cc89ce38fed04ASP Gateway 1.0.0 suffers from a database disclosure vulnerability.
77c6b85e907011a63bde9b54324dac6eCodeWarrior is a manual code and static analysis tool. It has many modules, one for each common language like PHP, ASP, Ruby, C/C++, Java and Javascript. Each module has rules in raw text with parameters like description, type, reference, relevance and match (regex to detect pattern). You can also create your own rules.
125797229a978f1c58e1d352c00eb34eAfterLogic WebMail Pro ASP.NET versions prior to 6.2.7 suffer from an administrator account takeover via an XXE injection vulnerability.
41cc07503156fc99994ba41aa68c9031ASP webshell backdoor designed specifically for IIS 8.
5b19b3cbecf0cf539f8e5a3954f4af53ASP Forums version 2.1 suffers from a database disclosure vulnerability.
9bda0cee7848574a11e6fc4425560437ASP Dynamika version 2.5 suffers from a cross site scripting vulnerability.
c9b04b24328d128f04a3a0978d658dc4ASP Dynamika version 2.5 suffers from arbitrary file upload and remote SQL injection vulnerabilities.
76dfcd46a38b6fa6cef2b01bf008adffThis Metasploit module exploits an arbitrary file upload vulnerability found in Kaseya VSA versions between 7 and 9.1. A malicious unauthenticated user can upload an ASP file to an arbitrary directory leading to arbitrary code execution with IUSR privileges. This Metasploit module has been tested with Kaseya v7.0.0.17, v8.0.0.10 and v9.0.0.3.
1ed310adae7ef7d86de486f92950fe9dThis Metasploit module exploits an arbitrary file upload vulnerability in Numara / BMC Track-It! v8 to v11.X. The application exposes the FileStorageService .NET remoting service on port 9010 (9004 for version 8) which accepts unauthenticated uploads. This can be abused by a malicious user to upload a ASP or ASPX file to the web root leading to arbitrary code execution as NETWORK SERVICE or SYSTEM. This Metasploit module has been tested successfully on versions 11.3.0.355, 10.0.51.135, 10.0.50.107, 10.0.0.143, 9.0.30.248 and 8.0.2.51.
406dc97f0e83abf8ccd024baffb6b4d8Telerik ASP.NET AJAX RadEditor Control versions 2014.1.403.35 and 2009.3.1208.20 suffer from a persistent cross site scripting vulnerability.
beb89cba885a1201044ca7c377436e7fThis is a whitepaper that goes into detail on hacking ASP/ASPX websites manually.
d56d34728763832f62fc8b57670829beThis Metasploit module exploits an injection vulnerability in Cogent DataHub prior to 7.3.5. The vulnerability exists in the GetPermissions.asp page, which makes insecure use of the datahub_command function with user controlled data, allowing execution of arbitrary datahub commands and scripts. This Metasploit module has been tested successfully with Cogent DataHub 7.3.4 on Windows 7 SP1.
d10aca0d44b8abb4b65c009880426183DevExpress ASP.NET File Manager versions 10.2 through 13.2.8 suffer from a directory traversal vulnerability.
e93318bb004858c2424fa43a693ab368ASP-Nuke version 2.0.7 suffers from an open redirect vulnerability.
320246de1354caff29a2016cda4dd56dThis Metasploit module exploits an arbitrary file upload vulnerability found in Kaseya versions below 6.3.0.2. A malicious user can upload an ASP file to an arbitrary directory without previous authentication, leading to arbitrary code execution with IUSR privileges.
593b4d4095655301ec4bee6ac4bd2eb9FCKEditor version 2.6.8 ASP version suffers from a file upload protection bypass.
220d912d0f1646c9e97383f3e3f657e3This Metasploit module exploits an authentication bypass vulnerability on Avaya IP Office Customer Call Reporter, which allows a remote user to upload arbitrary files through the ImageUpload.ashx component. It can be abused to upload and execute arbitrary ASP .NET code. The vulnerability has been tested successfully on Avaya IP Office Customer Call Reporter 7.0.4.2 and 8.0.8.15 on Windows 2003 SP2.
ae5423b0c82a1fdd0bf9cbca67d6a136ASP-DEv XM Forums RC 3 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
c38ca2dee1a65ed11c62dcf6df06baaaSecunia Security Advisory - A vulnerability has been reported in CuteSoft Cute Editor for ASP.NET, which can be exploited by malicious people to conduct cross-site scripting attacks.
c983713240217be40df9cea319b8df20Hashes is a cross-platform tool that generates and injects different keys with the same hash code in order to test web applications against hash collision attacks. Written in Java. Has support for Java, PHP, ASP, and V8.
e28efbf484734217c6b6714f69b893deThis Metasploit module can be used to execute a payload on Umbraco CMS 4.7.0.378. The payload is uploaded as an ASPX script by sending a specially crafted SOAP request to codeEditorSave.asmx, which permits unauthorised file upload via the SaveDLRScript operation. SaveDLRScript is also subject to a path traversal vulnerability, allowing code to be placed into the web-accessible /umbraco/ directory. The module writes, executes and then overwrites an ASPX script; note that though the script content is removed, the file remains on the target. Automatic cleanup of the file is intended if a meterpreter payload is used. This Metasploit module has been tested successfully on Umbraco CMS 4.7.0.378 on a Windows 7 32-bit SP1. In this scenario, the "IIS APPPOOL\ASP.NET v4.0" user must have write permissions on the Windows Temp folder.
55b249c7b416e0039642bb1ad643fe1bB2CPrint suffers from a remote ASP shell upload vulnerability.
f5aa295b7d93548e976624a7ec2ec038
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed