Unrestricted Upload Vulnerability in BlogEngine.Net 3.3.8.0 and Earlier
CVE-2023-33404 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code.
Learn more about our Web Application Penetration Testing UK.