BlogEngine.NET 2.8.0.0 and previous versions allows remote malicious users to read usernames and password hashes via a request for the sioc.axd file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dotnetblogengine blogengine.net 1.5 |
||
dotnetblogengine blogengine.net 1.6 |
||
dotnetblogengine blogengine.net 2.0 |
||
dotnetblogengine blogengine.net 2.5 |
||
dotnetblogengine blogengine.net 2.7 |
||
dotnetblogengine blogengine.net 1.4.5 |
||
dotnetblogengine blogengine.net 2.6 |
||
dotnetblogengine blogengine.net |