PT-2022-25854 · Unknown · Blogengine.Net

Name of the Vulnerable Software and Affected Versions: BlogEngine.NET version 3.3.8.0 Description: An issue in the component BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs allows attackers to execute arbitrary code via uploading a crafted PNG file. Recommendations: For BlogEngine.NET...