BlogEngine.NET 3.3.7.0 and previous versions allows XML External Entity Blind Injection, related to pingback.axd and BlogEngine.Core/Web/HttpHandlers/PingbackHandler.cs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dotnetblogengine blogengine.net |