CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2026/01/09 12:23 p.m.•4 views

CVE-2018-14485

BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd...

9.8CVSS6.9AI score0.40467EPSS

Exploits2References1

Prion•added 2019/05/07 6:29 p.m.•11 views

Design/Logic Flaw

BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd...

7.5CVSS9.3AI score0.40467EPSS

Exploits2References3Affected Software1

NVD•added 2019/05/07 6:29 p.m.•18 views

CVE-2018-14485

BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd...

9.8CVSS9.4AI score0.40467EPSS

Exploits2References3

CVE•added 2019/05/07 5:47 p.m.•48 views

CVE-2018-14485

CVE-2018-14485 affects BlogEngine.NET 3.3. It is a XML External Entity (XXE) Injection vulnerability triggered by a POST to /metaweblog.axd, due to insufficient XXE handling. Public advisories (e.g., Netsparker) document the issue and note the status as Not Fixed. Impact is high; CVSS data indica...

9.8CVSS9.2AI score0.40467EPSS

Exploits2References3Affected Software1