10 matches found
EUVD-2019-2514
Malware in sbrugna...
CVE-2019-10720
BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution via the theme cookie to the File Manager. NOTE: this issue exists because of an incomplete fix for CVE-2019-6714...
Directory traversal
BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution via the theme cookie to the File Manager. NOTE: this issue exists because of an incomplete fix for CVE-2019-6714...
Directory traversal
BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution because file creation is mishandled, related to /api/upload and BlogEngine.NET/AppCode/Api/UploadController.cs. NOTE: this issue exists because of an incomplete fix for CVE-2019-6714...
CVE-2019-10719
CVE-2019-10719 (and related CVE-2019-10720) affect BlogEngine.NET 3.3.7.0 and earlier. The vulnerability arises from Directory Traversal and Remote Code Execution due to mishandling of file creation in /api/upload (UploadController.cs) and related paths, noted as stemming from an incomplete fix f...
CVE-2019-6714
BlogEngine.NET 3.3.6.0 and earlier is affected by CVE-2019-6714: a path traversal and Local File Inclusion in PostList.ascx.cs allows unauthenticated users to load PostView.ascx from the local filesystem; featured risk if an authenticated user uploads a PostView.ascx via the file manager, enablin...
BlogEngine.NET 3.3.6 - Directory Traversal / Remote Code Execution
Exploit Title: BlogEngine.NET = 3.3.6 Directory Traversal RCE Date: 02-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://github.com/rxtur/BlogEngine.NET/ Software Link: https://github.com/rxtur/BlogEngine.NET/releases/download/v3.3.6.0/3360.zip Version: = 3.3.6 Tested on: Windows 2016...
BlogEngine.NET 3.3.6 - Directory Traversal / Remote Code Execution Vulnerabilities
Exploit for asp platform in category web applications Exploit Title: BlogEngine.NET = 3.3.6 Directory Traversal RCE Date: 02-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://github.com/rxtur/BlogEngine.NET/ Software Link:...
BlogEngine.NET 3.3.6 Directory Traversal / Remote Code Execution
Exploit Title: BlogEngine.NET = 3.3.6 Directory Traversal RCE Date: 02-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://github.com/rxtur/BlogEngine.NET/ Software Link: https://github.com/rxtur/BlogEngine.NET/releases/download/v3.3.6.0/3360.zip Version: = 3.3.6 Tested on: Windows 2016...
CVE-2019-6714
creationtimestamp| type| source ---|---|--- 2019-02-12 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46353 2023-01-01 11:47:36+00:00| published-proof-of-concept| https://t.me/TopCyberTechNews/223...