Vulnerabilities > Blogengine

DATE CVE VULNERABILITY TITLE RISK
2019-05-07 CVE-2018-14485 XXE vulnerability in Blogengine Blogengine.Net 3.3
BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd.
network
low complexity
blogengine CWE-611
7.5
2019-03-21 CVE-2019-6714 Path Traversal vulnerability in Blogengine Blogengine.Net 3.3.5.0/3.3.6.0
An issue was discovered in BlogEngine.NET through 3.3.6.0.
network
low complexity
blogengine CWE-22
7.5
2014-07-24 CVE-2014-4736 SQL Injection vulnerability in Blogengine E2 2.4
SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process.
network
low complexity
blogengine CWE-89
7.5