| Max CVSS | 7.5 | Min CVSS | 5.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-10717 | 5.5 |
BlogEngine.NET 3.3.7.0 allows /api/filemanager Directory Traversal via the path parameter.
|
10-07-2019 - 17:42 | 03-07-2019 - 16:15 | |
| CVE-2019-10721 | 5.8 |
BlogEngine.NET 3.3.7.0 allows a Client Side URL Redirect via the ReturnUrl parameter, related to BlogEngine/BlogEngine.Core/Services/Security/Security.cs, login.aspx, and register.aspx.
|
10-07-2019 - 16:55 | 03-07-2019 - 16:15 | |
| CVE-2018-14485 | 7.5 |
BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd.
|
08-05-2019 - 19:10 | 07-05-2019 - 18:29 |