Arbitrary Code Execution Vulnerability in BlogEngine.NET v3.3.8.0 via Crafted PNG File Upload
CVE-2022-41418 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
An issue in the component BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs of BlogEngine.NET v3.3.8.0 allows attackers to execute arbitrary code via uploading a crafted PNG file.
Learn more about our Api Penetration Testing.