Unrated severityNVD Advisory· Published Jan 3, 2014· Updated Apr 29, 2026
CVE-2013-6953
CVE-2013-6953
Description
BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read usernames and password hashes via a request for the sioc.axd file.
Affected products
8cpe:2.3:a:dotnetblogengine:blogengine.net:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:dotnetblogengine:blogengine.net:*:*:*:*:*:*:*:*range: <=2.8
- cpe:2.3:a:dotnetblogengine:blogengine.net:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:dotnetblogengine:blogengine.net:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:dotnetblogengine:blogengine.net:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:dotnetblogengine:blogengine.net:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:dotnetblogengine:blogengine.net:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:dotnetblogengine:blogengine.net:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:dotnetblogengine:blogengine.net:2.7:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.kb.cert.org/vuls/id/553166nvdUS Government Resource
News mentions
0No linked articles in our index yet.