Blogengine.net@* Security Vulnerabilities and Issues — Blogengine.net@* CVE List

Lucene search

BlogengineBlogengine.net*

4 matches found

CVE•added 2019/06/21 7:15 p.m.•364 views

CVE-2019-10720

BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution via the theme cookie to the File Manager. NOTE: this issue exists because of an incomplete fix for CVE-2019-6714.

8.8CVSS9.4AI score0.24252EPSS

CVE•added 2019/03/21 4:1 p.m.•87 views

CVE-2019-6714

An issue was discovered in BlogEngine.NET through 3.3.6.0. A path traversal and Local File Inclusion vulnerability in PostList.ascx.cs can cause unauthenticated users to load a PostView.ascx component from a potentially untrusted location on the local filesystem. This is especially dangerous if an ...

9.8CVSS9.1AI score0.24252EPSS

CVE•added 2023/06/26 8:15 p.m.•51 views

CVE-2023-33404

An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code.

9.8CVSS9.5AI score0.84342EPSS

CVE•added 2023/06/21 9:15 p.m.•46 views

CVE-2023-33405

Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect.

6.1CVSS6.2AI score0.49268EPSS