Vulnerabilities > Blogengine

DATE CVE VULNERABILITY TITLE RISK
2019-06-21 CVE-2019-10720 Path Traversal vulnerability in Blogengine Blogengine.Net
BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remote Code Execution via the theme cookie to the File Manager.
network
low complexity
blogengine CWE-22
8.8
2019-05-07 CVE-2018-14485 XXE vulnerability in Blogengine Blogengine.Net 3.3
BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd.
network
low complexity
blogengine CWE-611
critical
9.8
2019-03-21 CVE-2019-6714 Path Traversal vulnerability in Blogengine Blogengine.Net 3.3/3.3.5.0/3.3.6.0
An issue was discovered in BlogEngine.NET through 3.3.6.0.
network
low complexity
blogengine CWE-22
critical
9.8