Vulnerability Details CVE-2023-33404
An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.223
EPSS Ranking 97.4%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2023-33404
-
cpe:2.3:a:blogengine:blogengine.net:3.3
-
cpe:2.3:a:blogengine:blogengine.net:3.3.5.0
-
cpe:2.3:a:blogengine:blogengine.net:3.3.6.0
-
cpe:2.3:a:blogengine:blogengine.net:3.3.7.0
-
cpe:2.3:a:blogengine:blogengine.net:3.3.8.0