15 matches found
CVE-2024-20886
Arbitrary directory creation in Samsung Live Wallpaper PC prior to version 3.3.8.0 allows attacker to create arbitrary directory...
CVE-2022-36600
BlogEngine v3.3.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /blogengine/api/posts. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description field...
CVE-2024-20886
Arbitrary directory creation in Samsung Live Wallpaper PC prior to version 3.3.8.0 allows attacker to create arbitrary directory...
CVE-2024-20886
Arbitrary directory creation in Samsung Live Wallpaper PC prior to version 3.3.8.0 allows attacker to create arbitrary directory...
Gira KNX/IP-Router 跨站脚本漏洞
The Gira KNX/IP-Router is a secure router for public buildings from Gira. A security vulnerability exists in the Gira KNX/IP-Router versions 3.1.3683.0 and 3.3.8.0, which stems from the fact that the application will reflect the supplied paths without the associated HTML coding, making it...
CVE-2023-33404
An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code...
CVE-2023-22856 Stored cross-site scripting in BlogEngine.NET version 3.3.8.0
A stored Cross-site Scripting XSS vulnerability in BlogEngine.NET 3.3.8.0, allows injection of arbitrary JavaScript in the security context of a blog visitor through an upload of a specially crafted file...
BlogEngine 安全漏洞
BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments, custom themes, and more. A security vulnerability exists in BlogEngine.NET version 3.3.8.0, which stems from incorrect access control. An attacker exploiting this vulnerability can access the files of unpublishe...
BlogEngine 跨站脚本漏洞
BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments, custom themes and so on. A security vulnerability exists in BlogEngine.NET version 3.3.8.0. An attacker exploits this vulnerability to inject arbitrary JavaScript in the secure environment of a blog visitor by...
PT-2023-13982 · Unknown · Blogengine.Net
Name of the Vulnerable Software and Affected Versions: BlogEngine.NET version 3.3.8.0 Description: The issue allows an attacker to create any folder with a files prefix under the /App Data/ directory. Recommendations: For BlogEngine.NET version 3.3.8.0, consider restricting access to the /App Dat...
CVE-2022-36600
BlogEngine v3.3.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the component /blogengine/api/posts. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description field...
PT-2022-23496 · Unknown · Blogengine
Name of the Vulnerable Software and Affected Versions: BlogEngine version 3.3.8.0 Description: A cross-site scripting XSS issue was found in the /blogengine/api/posts component, allowing attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Description field...
BlogEngine 跨站脚本漏洞
BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments, custom themes and so on. A cross-site scripting vulnerability exists in BlogEngine version v3.3.8.0, which was discovered to contain a cross-site scripting XSS vulnerability via the component...
BlogEngine.NET 路径遍历漏洞
BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments, custom themes and more. A security vulnerability exists in BlogEngine.NET v3.3.8.0, which can be exploited by an attacker to delete files in the root directory of the web server via a crafted HTTP request...
Splashtop Software Updater Code Issue Vulnerability
Splashtop Software Updater is a software update application for Splashtop products from Splashtop USA. A security vulnerability exists in Splashtop Software Updater prior to version 1.5.6.16 in Splashtop Streamer prior to 3.3.8.0 and Splashtop Business prior to 3.3.8.0. An attacker can exploit th...