Vulnerabilities > Miniblog Core Project

DATE CVE VULNERABILITY TITLE RISK
2022-09-02 CVE-2022-37679 Cross-site Scripting vulnerability in Miniblog.Core Project Miniblog.Core 1.0
Miniblog.Core v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /blog/edit.
network
low complexity
miniblog-core-project CWE-79
4.8
2019-04-16 CVE-2019-9845 Improper Input Validation vulnerability in Miniblog.Core Project Miniblog.Core
madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension.
network
low complexity
miniblog-core-project CWE-20
critical
9.8