Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dotnetnuke
(Dnnsoftware)| Repositories | https://github.com/dnnsoftware/Dnn.Platform |
| #Vulnerabilities | 16 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-07-03 | CVE-2018-15811 | DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters. | Dotnetnuke | 7.5 | ||
| 2019-07-03 | CVE-2018-18325 | DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811. | Dotnetnuke | 7.5 | ||
| 2017-07-20 | CVE-2017-9822 | DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites." | Dotnetnuke | 8.8 | ||
| 2023-04-12 | CVE-2022-47053 | An arbitrary file upload vulnerability in the Digital Assets Manager module of DNN Corp DotNetNuke v7.0.0 to v9.10.2 allows attackers to execute arbitrary code via a crafted SVG file. | Dotnetnuke | 5.4 | ||
| 2020-02-24 | CVE-2020-5186 | DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2). | Dotnetnuke | 5.4 | ||
| 2020-02-24 | CVE-2020-5187 | DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2). | Dotnetnuke | 8.8 |