Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blogengine blogengine.net vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-22856
A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0, allows injection of arbitrary JavaScript in the security context of a blog visitor through an upload of a specially crafted file.
Blogengine Blogengine.net 3.3.8.0
9.8
CVSSv3
CVE-2022-41417
BlogEngine.NET v3.3.8.0 allows an malicious user to create any folder with "files" prefix under ~/App_Data/.
Blogengine Blogengine.net 3.3.8.0
9.8
CVSSv3
CVE-2018-14485
BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd.
Blogengine Blogengine.net 3.3
1 EDB exploit
6.1
CVSSv3
CVE-2019-10721
BlogEngine.NET 3.3.7.0 allows a Client Side URL Redirect via the ReturnUrl parameter, related to BlogEngine/BlogEngine.Core/Services/Security/Security.cs, login.aspx, and register.aspx.
Dotnetblogengine Blogengine.net 3.3.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2