Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Vulnerability Details CVE-2019-10717
BlogEngine.NET 3.3.7.0 allows /api/filemanager Directory Traversal via the path parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score
0.149
EPSS Ranking
94.3%
CVSS Severity
CVSS v3 Score
7.1
CVSS v2 Score
5.5
References
http://seclists.org/fulldisclosure/2019/Jun/44
https://github.com/rxtur/BlogEngine.NET/commits/master
https://www.securitymetrics.com/blog/Blogenginenet-Directory-Traversal-Listing-Login-Page-Unvalidated-Redirect
http://seclists.org/fulldisclosure/2019/Jun/44
https://github.com/rxtur/BlogEngine.NET/commits/master
https://www.securitymetrics.com/blog/Blogenginenet-Directory-Traversal-Listing-Login-Page-Unvalidated-Redirect
Products affected by CVE-2019-10717
Dotnetblogengine
»
Blogengine.net
»
Version:
3.3.7.0
cpe:2.3:a:dotnetblogengine:blogengine.net:3.3.7.0
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved