Vulnerabilities > Miniblog Core Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-16 | CVE-2019-9845 | Improper Input Validation vulnerability in Miniblog.Core Project Miniblog.Core madskristensen Miniblog.Core through 2019-01-16 allows remote attackers to execute arbitrary ASPX code via an IMG element with a data: URL, because SaveFilesToDisk in Controllers/BlogController.cs writes a decoded base64 string to a file without validating the extension. | 7.5 |