Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:14 a.m.14 views

CVE-2019-10719

BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution because file creation is mishandled, related to /api/upload and BlogEngine.NET/AppCode/Api/UploadController.cs. NOTE: this issue exists because of an incomplete fix for CVE-2019-6714...

9.8CVSS7.6AI score0.31725EPSS
Exploits16References1
CVE
CVE
added 2019/06/21 6:11 p.m.401 views

CVE-2019-10719

CVE-2019-10719 (and related CVE-2019-10720) affect BlogEngine.NET 3.3.7.0 and earlier. The vulnerability arises from Directory Traversal and Remote Code Execution due to mishandling of file creation in /api/upload (UploadController.cs) and related paths, noted as stemming from an incomplete fix f...

8.8CVSS9.4AI score0.07595EPSS
Exploits11References3Affected Software1
0day.today
0day.today
added 2019/06/19 12:0 a.m.1165 views

BlogEngine.NET 3.3.7 Directory Traversal / Remote Code Execution Vulnerability #RCE

BlogEngine.NET versions 3.3.7 and earlier are vulnerable to two separate directory traversal issues that can lead to remote code execution. BlogEngine.NET, versions 3.3.7 and earlier, is vulnerable to two separate Directory Traversal issues that can lead to Remote Code Execution. CVE-2019-10719...

0.5AI score0.31725EPSS
Exploits16
Packet Storm
Packet Storm
added 2019/06/19 12:0 a.m.217 views

BlogEngine.NET 3.3.6 / 3.3.7 dirPath Directory Traversal / Remote Code Execution

Exploit Title: Directory Traversal + RCE on BlogEngine.NET Date: 17 Jun 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10719 1. Description ============== BlogEngine.NET is vulnerable to an Directory Traversal on...

0.4AI score0.07595EPSS
Exploits11
exploitpack
exploitpack
added 2019/06/19 12:0 a.m.66 views

BlogEngine.NET 3.3.63.3.7 - dirPath Directory Traversal Remote Code Execution

BlogEngine.NET 3.3.63.3.7 - dirPath Directory Traversal Remote Code Execution Exploit Title: Directory Traversal + RCE on BlogEngine.NET Date: 17 Jun 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10719 1. Description...

6.5CVSS0.4AI score0.07595EPSS
Exploits11
Exploit DB
Exploit DB
added 2019/06/19 12:0 a.m.494 views

BlogEngine.NET 3.3.6/3.3.7 - 'dirPath' Directory Traversal / Remote Code Execution

Exploit Title: Directory Traversal + RCE on BlogEngine.NET Date: 17 Jun 2019 Exploit Author: Aaron Bishop Vendor Homepage: https://blogengine.io/ Version: v3.3.7 Tested on: 3.3.7, 3.3.6 CVE : 2019-10719 1. Description ============== BlogEngine.NET is vulnerable to an Directory Traversal on...

8.8CVSS8.7AI score0.07595EPSS
Exploits11
Packet Storm
Packet Storm
added 2019/06/18 12:0 a.m.718 views

BlogEngine.NET 3.3.7 Directory Traversal / Remote Code Execution

BlogEngine.NET, versions 3.3.7 and earlier, is vulnerable to two separate Directory Traversal issues that can lead to Remote Code Execution. CVE-2019-10719 exploits a directory traversal in /api/upload, allowing users to write files to any location within the web root. This bypasses the protectio...

7.5CVSS0.6AI score0.31725EPSS
Exploits16
Rows per page
Query Builder