RSS   Vulnerabilities for 'Radchart'   RSS

2019-12-13
 
CVE-2019-19790

CWE-22
 

 
Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a remote attacker to read and delete an image with extension .BMP, .EXIF, .GIF, .ICON, .JPEG, .PNG, .TIFF, or .WMF on the server through a specially crafted request. NOTE: RadChart was discontinued in 2014 in favor of RadHtmlChart. All RadChart versions were affected. To avoid this vulnerability, you must remove RadChart's HTTP handler from a web.config (its type is Telerik.Web.UI.ChartHttpHandler).

 

 >>> Vendor: Telerik 8 Products
Asp.net ajax radeditor control
Ui for asp.net ajax
Analytics monitor library
Asp.net webforms report viewer
Sitefinity cms
Extensions for asp.net mvc
Radchart
Ui for silverlight


Copyright 2020, cxsecurity.com

 

Back to Top