{"id":"CVE-2019-6714","details":"An issue was discovered in BlogEngine.NET through 3.3.6.0. A path traversal and Local File Inclusion vulnerability in PostList.ascx.cs can cause unauthenticated users to load a PostView.ascx component from a potentially untrusted location on the local filesystem. This is especially dangerous if an authenticated user uploads a PostView.ascx file using the file manager utility, which is currently allowed. This results in remote code execution for an authenticated user.","modified":"2026-04-02T02:07:56.852799Z","published":"2019-03-21T16:01:09.390Z","references":[{"type":"WEB","url":"http://seclists.org/fulldisclosure/2019/Jun/26"},{"type":"ADVISORY","url":"https://github.com/rxtur/BlogEngine.NET/"},{"type":"ARTICLE","url":"https://blogengine.io/"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/46353/"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/151628/BlogEngine.NET-3.3.6-Directory-Traversal-Remote-Code-Execution.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rxtur/blogengine.net","events":[{"introduced":"0"},{"last_affected":"99a3322bd3140cbce8c48fae7bad3b3e0c70fc2b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.3.6.0"}]}}],"versions":["3.3.5.0","v3.3.6.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-6714.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}