Full title: BlogEngine.NET 3.3.6/3.3.7 - dirPath Directory Traversal / Remote Code Execution Exploit 
Category: web applications
Platform: asp
BlogEngine.NET versions 3.3.7 and earlier are vulnerable to two separate directory traversal issues that can lead to remote code execution.

# 0day.today @ http://0day.today/