Vulnerabilities > Blogengine > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-26 | CVE-2023-33404 | Unrestricted Upload of File with Dangerous Type vulnerability in Blogengine Blogengine.Net An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code. | 9.8 |
| 2023-01-18 | CVE-2022-41417 | Missing Authorization vulnerability in Blogengine Blogengine.Net 3.3.8.0 BlogEngine.NET v3.3.8.0 allows an attacker to create any folder with "files" prefix under ~/App_Data/. | 9.8 |