Vulnerabilities > Blogengine
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-07 | CVE-2018-14485 | XXE vulnerability in Blogengine Blogengine.Net 3.3 BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd. | 7.5 |
2019-03-21 | CVE-2019-6714 | Path Traversal vulnerability in Blogengine Blogengine.Net 3.3.5.0/3.3.6.0 An issue was discovered in BlogEngine.NET through 3.3.6.0. | 7.5 |
2014-07-24 | CVE-2014-4736 | SQL Injection vulnerability in Blogengine E2 2.4 SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process. | 7.5 |