Home   Recent News   Download   Documentation   Cook Computing

XML-RPC.NET

Latest News

5th April 2016

A serious XML RPC vulnerability has been found affecting all versions of XML-RPC.NET prior to version 2.5.0.

The library is vulnerable to an XML External Entity (XXE) attack, which can be used to exfiltrate local files off the target server as well as the target’s network. It can potentially lead to other internal network attacks such as SQL Injection and Remote Code Execution (RCE).

Installations using a version prior to version 2.5.0 should update to version 2.5.0. Installations using version 3.0.0 are not vulnerable.

1st April 2012

Charles Cook blogs about Implementing an XML-RPC Service with ASP.NET MVC.

12th March 2012

A new snapshot of release 3.0.0 now available here.

29th August 2011

A new snapshot of release 3.0.0 now available here.

15th May 2011

The release 3.0.0 development snapshot of XML-RPC.NET is now available on NuGet as two packages:

NuGet doesn't support pre-release packages so the dev snapshot is displayed in the Visual Studio "Add Library Package Reference", not the recommended 2.5.0 release. Charles Cook has blogged about a workaround for this — Installing Current Release of XML-RPC.NET from NuGet .

17th April 2011

Snapshot of release 3.0.0 now available here.

18th March 2011

Charles Cook blogs some sample code for accessing the Internet UPC Database.

12th January 2011

XML-RPC.NET is now available via NuGet. Charles Cook blogs about this here.

1st August 2010

Scott Hanselman blogs about using XML-RPC.NET to implement a local server that exposes the MetaWeblog API: NotABlog: A Local XML-RPC MetaWebLog Endpoint That Lies To Windows Live Writer