hacip

2 exploits Active since Jun 2023
CVE-2023-33404 NOMISEC CRITICAL WRITEUP
BlogEngine.NET < 3.3.8.0 - Remote Code Execution via Insufficient Upload Validation
An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code.
CVSS 9.8
CVE-2023-33405 NOMISEC MEDIUM WRITEUP
Blogengine.net <3.3.8.0 - Open Redirect
Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect.
CVSS 6.1