Lucene search
PRIOn knowledge basePRION:CVE-2019-6714HistoryMar 21, 2019 - 4:01 p.m.
Path traversal
2019-03-2116:01:00
PRIOn knowledge base
www.prio-n.com
An issue was discovered in BlogEngine.NET through 3.3.6.0. A path traversal and Local File Inclusion vulnerability in PostList.ascx.cs can cause unauthenticated users to load a PostView.ascx component from a potentially untrusted location on the local filesystem. This is especially dangerous if an authenticated user uploads a PostView.ascx file using the file manager utility, which is currently allowed. This results in remote code execution for an authenticated user.
| CPE | Name | Operator | Version |
|---|---|---|---|
| blogengine.net | le | 3.3.6.0 |
Related
packetstorm
packetstorm
BlogEngine.NET 3.3.6 Directory Traversal / Remote Code Execution
2019-02-12 00:00:00
BlogEngine.NET 3.3.7 Directory Traversal / Remote Code Execution
2019-06-18 00:00:00
cve
cve
osv
osv
nvd
nvd
cvelist
cvelist
zdt
zdt
exploitpack
exploitpack
BlogEngine.NET 3.3.6 - Directory Traversal Remote Code Execution
2019-02-12 00:00:00
exploitdb
exploitdb
BlogEngine.NET 3.3.6 - Directory Traversal / Remote Code Execution
2019-02-12 00:00:00
prion
prion
Directory traversal
2019-06-21 19:15:00
Directory traversal
2019-06-21 19:15:00
attackerkb
attackerkb
CVE-2019-10719
2019-06-21 00:00:00