Vulnerability: BlogEngine.NET 3.3.7.0 - Local File Inclusion

BlogEngine.NET 3.3.7.0 allows /api/filemanager local file inclusion via the path parameter

Impact

An attacker can exploit this vulnerability to read sensitive files, execute arbitrary code, or launch further attacks.

Severity

high

Verified

Unknown