PT-2022-23496 · Unknown · Blogengine

Name of the Vulnerable Software and Affected Versions: BlogEngine version 3.3.8.0 Description: A cross-site scripting XSS issue was found in the /blogengine/api/posts component, allowing attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Description field...

BlogEngine 跨站脚本漏洞

BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments, custom themes and so on. A cross-site scripting vulnerability exists in BlogEngine version v3.3.8.0, which was discovered to contain a cross-site scripting XSS vulnerability via the component...

CVE-2022-28921

A Cross-Site Request Forgery CSRF vulnerability discovered in BlogEngine.Net v3.3.8.0 allows unauthenticated attackers to read arbitrary files on the hosting web server...

BlogEngine 跨站请求伪造漏洞

BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments, custom themes and so on. BlogEngine v3.3.8.0 version has a security vulnerability that can be exploited by an unauthenticated attacker to read arbitrary files on the hosting web server...

BlogEngine 3.3.8 Cross Site Scripting

Exploit Title: BlogEngine 3.3.8 - 'Content' Stored XSS Date: 11/2020 Exploit Author: Andrey Stoykov Vendor Homepage: https://blogengine.io/ Software Link: https://github.com/BlogEngine/BlogEngine.NET/releases/download/v3.3.8.0/3380.zip Version: 3.3.8 Tested on: Windows Server 2016 Exploit and...

BlogEngine 3.3.8 - 'Content' Stored XSS

Exploit Title: BlogEngine 3.3.8 - 'Content' Stored XSS Date: 11/2020 Exploit Author: Andrey Stoykov Vendor Homepage: https://blogengine.io/ Software Link: https://github.com/BlogEngine/BlogEngine.NET/releases/download/v3.3.8.0/3380.zip Version: 3.3.8 Tested on: Windows Server 2016 Exploit and...

BlogEngine 3.3 - 'syndication.axd' XML External Entity Injection

Title: BlogEngine 3.3 - 'syndication.axd' XML External Entity Injection Author: Daniel Martinez Adan aDoN90 Date: 2020-05-01 Homepage: https://blogengine.io/ Software Link: https://blogengine.io/support/download/ Affected Versions: 3.3 Vulnerability: XML External Entity XXE OOB Injection...

BlogEngine 3.3 - (syndication.axd) XML External Entity Injection Vulnerability

Exploit for xml platform in category web applications Title: BlogEngine 3.3 - 'syndication.axd' XML External Entity Injection Author: Daniel Martinez Adan aDoN90 Homepage: https://blogengine.io/ Software Link: https://blogengine.io/support/download/ Affected Versions: 3.3 Vulnerability: XML...

BlogEngine 3.3 XML Injection

Name: XML External Entity Injection OOB Vulnerability in BlogEngine 3.3 Affected Software: BlogEngine Affected Versions: 3.3 Homepage: https://blogengine.io/ Vulnerability: XML External Entity XXE OOB Injection Vulnerability Severity: High Status: Fixed Author: Daniel Martinez Adan aDoN90 CVSS...

BlogEngine path traversal vulnerability (CNVD-2019-21427)

BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments , custom themes and so on. A path traversal vulnerability exists in BlogEngine version 3.3.7.0. The vulnerability stems from a failure of a network system or product to properly filter special elements in the pat...

BlogEngine path traversal vulnerability (CNVD-2019-18836)

BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments , custom themes and so on. A path traversal vulnerability exists in BlogEngine 3.3.7 and earlier versions. The vulnerability stems from the failure of a network system or product to properly filter special elemen...

BlogEngine Path Traversal Vulnerability

BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments , custom themes and so on. A path traversal vulnerability exists in BlogEngine 3.3.7 and earlier versions. The vulnerability stems from the failure of a network system or product to properly filter special elemen...

CVE-2018-14485

BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd...

BlogEngine XML External Entity Injection Vulnerability

BlogEngine is an open source ASP.NET blog system . The system supports Ajax comments , custom themes and so on. An XML external entity injection vulnerability exists in BlogEngine version 3.3. Currently there is no information about this vulnerability , please stay tuned to CNNVD or vendor...

BlogEngine 3.3 - XML External Entity Injection Vulnerability

Exploit for windows platform in category web applications XML External Entity Injection Vulnerability in BlogEngine 3.3 Information -------------------- Advisory by Netsparker Name: XML External Entity Injection Vulnerability in BlogEngine 3.3 Affected Software: BlogEngine Affected Versions: 3.3...

BlogEngine 3.3 - XML External Entity Injection

BlogEngine 3.3 - XML External Entity Injection XML External Entity Injection Vulnerability in BlogEngine 3.3 Information -------------------- Advisory by Netsparker Name: XML External Entity Injection Vulnerability in BlogEngine 3.3 Affected Software: BlogEngine Affected Versions: 3.3 Homepage:...

BlogEngine 3.3 - XML External Entity Injection

XML External Entity Injection Vulnerability in BlogEngine 3.3 Information -------------------- Advisory by Netsparker Name: XML External Entity Injection Vulnerability in BlogEngine 3.3 Affected Software: BlogEngine Affected Versions: 3.3 Homepage: https://blogengine.io/ Vulnerability: XML Extern...

BlogEngine 3.3 XML External Entity Injection

XML External Entity Injection Vulnerability in BlogEngine 3.3 Information -------------------- Advisory by Netsparker Name: XML External Entity Injection Vulnerability in BlogEngine 3.3 Affected Software: BlogEngine Affected Versions: 3.3 Homepage: https://blogengine.io/ Vulnerability: XML Extern...