Vulnerabilities > Blogengine > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-19 | CVE-2022-41418 | Path Traversal vulnerability in Blogengine Blogengine.Net 3.3.8.0 An issue in the component BlogEngine/BlogEngine.NET/AppCode/Api/UploadController.cs of BlogEngine.NET v3.3.8.0 allows attackers to execute arbitrary code via uploading a crafted PNG file. | 7.2 |
| 2019-05-07 | CVE-2018-14485 | XXE vulnerability in Blogengine Blogengine.Net 3.3 BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd. | 7.5 |
| 2019-03-21 | CVE-2019-6714 | Path Traversal vulnerability in Blogengine Blogengine.Net 3.3.5.0/3.3.6.0 An issue was discovered in BlogEngine.NET through 3.3.6.0. | 7.5 |
| 2014-07-24 | CVE-2014-4736 | SQL Injection vulnerability in Blogengine E2 2.4 SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process. | 7.5 |