Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
blogengine vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-22856
A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0, allows injection of arbitrary JavaScript in the security context of a blog visitor through an upload of a specially crafted file.
Blogengine Blogengine.net 3.3.8.0
5.4
CVSSv3
CVE-2023-22857
A stored Cross-site Scripting (XSS) vulnerability in BlogEngine.NET 3.3.8.0, allows injection of arbitrary JavaScript in the security context of a blog visitor through an injection of a malicious payload into a blog post.
Blogengine Blogengine.net 3.3.8.0
5.3
CVSSv3
CVE-2023-22858
An Improper Access Control vulnerability in BlogEngine.NET 3.3.8.0, allows unauthenticated visitors to access the files of unpublished blogs.
Blogengine Blogengine.net 3.3.8.0
9.8
CVSSv3
CVE-2018-14485
BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd.
Blogengine Blogengine.net 3.3
1 EDB exploit
6.1
CVSSv3
CVE-2019-10721
BlogEngine.NET 3.3.7.0 allows a Client Side URL Redirect via the ReturnUrl parameter, related to BlogEngine/BlogEngine.Core/Services/Security/Security.cs, login.aspx, and register.aspx.
Dotnetblogengine Blogengine.net 3.3.7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2