Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

dotnetnuke dotnetnuke 4.8.3 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2008-6733
Cross-site scripting (XSS) vulnerability in the error handling page in DotNetNuke 4.6.2 up to and including 4.8.3 allows remote malicious users to inject arbitrary web script or HTML via the querystring parameter.
Dotnetnuke Dotnetnuke 4.8.2Dotnetnuke Dotnetnuke 4.8.3Dotnetnuke Dotnetnuke 4.6.2Dotnetnuke Dotnetnuke 4.8.1
NA
CVE-2008-6399
Unspecified vulnerability in DotNetNuke 4.5.2 up to and including 4.9 allows remote malicious users to "add additional roles to their user account" via unknown attack vectors.
Dotnetnuke Dotnetnuke 4.9Dotnetnuke Dotnetnuke 4.8.4Dotnetnuke Dotnetnuke 4.8.3Dotnetnuke Dotnetnuke 4.8.2Dotnetnuke Dotnetnuke 4.5.2Dotnetnuke Dotnetnuke 4.8.1
NA
CVE-2008-7100
Unspecified vulnerability in DotNetNuke 4.4.1 up to and including 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a "unique id" for user actions and improper validation of a "user identity."
Dotnetnuke Dotnetnuke 4.6.1Dotnetnuke Dotnetnuke 4.6.2Dotnetnuke Dotnetnuke 4.5.5Dotnetnuke Dotnetnuke 4.6.0Dotnetnuke Dotnetnuke 4.8.3Dotnetnuke Dotnetnuke 4.8.4Dotnetnuke Dotnetnuke 4.4.1Dotnetnuke Dotnetnuke 4.7.0Dotnetnuke Dotnetnuke 4.8.0Dotnetnuke Dotnetnuke 4.5.2Dotnetnuke Dotnetnuke 4.5.4Dotnetnuke Dotnetnuke 4.8.1Dotnetnuke Dotnetnuke 4.8.2
NA
CVE-2009-4110
Cross-site scripting (XSS) vulnerability in the search functionality in DotNetNuke 4.8 up to and including 5.1.4 allows remote malicious users to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page.
Dotnetnuke Dotnetnuke 4.8.0Dotnetnuke Dotnetnuke 4.9.2Dotnetnuke Dotnetnuke 5.0Dotnetnuke Dotnetnuke 4.8.1Dotnetnuke Dotnetnuke 4.8.2Dotnetnuke Dotnetnuke 5.1Dotnetnuke Dotnetnuke 5.1.3Dotnetnuke Dotnetnuke 4.8.3Dotnetnuke Dotnetnuke 4.8.4Dotnetnuke Dotnetnuke 5.1.2Dotnetnuke Dotnetnuke 5.1.1Dotnetnuke Dotnetnuke 5.1.4Dotnetnuke Dotnetnuke 4.9Dotnetnuke Dotnetnuke 4.9.1
NA
CVE-2008-6644
Cross-site scripting (XSS) vulnerability in Default.aspx in DotNetNuke 4.8.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Dotnetnuke Dotnetnuke 4.8.1Dotnetnuke Dotnetnuke 3.0.11Dotnetnuke Dotnetnuke 1.0.10eDotnetnuke Dotnetnuke 1.0.10dDotnetnuke Dotnetnuke 3.0.7Dotnetnuke Dotnetnuke 3.0.8Dotnetnuke Dotnetnuke 1.0.7Dotnetnuke Dotnetnuke 1.0.6Dotnetnuke Dotnetnuke 3.1.0Dotnetnuke Dotnetnuke 1.0.9Dotnetnuke Dotnetnuke 3.3.5Dotnetnuke Dotnetnuke 4.3.5Dotnetnuke Dotnetnuke 4.0Dotnetnuke Dotnetnuke 4.8.2Dotnetnuke Dotnetnuke 1.0.8Dotnetnuke Dotnetnuke 2.1.2Dotnetnuke Dotnetnuke 2.1.1Dotnetnuke Dotnetnuke 4.5.2Dotnetnuke Dotnetnuke
NA
CVE-2008-7101
Unspecified vulnerability in DotNetNuke 4.0 up to and including 4.8.4 and 5.0 allows remote malicious users to obtain sensitive information (portal number) by accessing the install wizard page via unknown vectors.
Dotnetnuke Dotnetnuke 4.6.2Dotnetnuke Dotnetnuke 4.3.5Dotnetnuke Dotnetnuke 5.0Dotnetnuke Dotnetnuke 4.7.0Dotnetnuke Dotnetnuke 4.5.2Dotnetnuke Dotnetnuke 4.0Dotnetnuke Dotnetnuke 4.8.3Dotnetnuke Dotnetnuke 4.8.2Dotnetnuke Dotnetnuke 4.4.1Dotnetnuke Dotnetnuke 4.6.1Dotnetnuke Dotnetnuke 4.5.4Dotnetnuke Dotnetnuke 4.8.4Dotnetnuke Dotnetnuke 4.5.5Dotnetnuke Dotnetnuke 4.6.0Dotnetnuke Dotnetnuke 4.8.1Dotnetnuke Dotnetnuke 4.8.0
NA
CVE-2008-7102
DotNetNuke 2.0 up to and including 4.8.4 allows remote malicious users to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation.
Dotnetnuke Dotnetnuke 3.1.0Dotnetnuke Dotnetnuke 3.3.5Dotnetnuke Dotnetnuke 4.6.0Dotnetnuke Dotnetnuke 4.6.1Dotnetnuke Dotnetnuke 4.8.4Dotnetnuke Dotnetnuke 2.1.1Dotnetnuke Dotnetnuke 2.1.2Dotnetnuke Dotnetnuke 4.4.1Dotnetnuke Dotnetnuke 4.5.2Dotnetnuke Dotnetnuke 4.8.0Dotnetnuke Dotnetnuke 4.8.1Dotnetnuke Dotnetnuke 4.0Dotnetnuke Dotnetnuke 4.3.5Dotnetnuke Dotnetnuke 4.6.2Dotnetnuke Dotnetnuke 4.7.0Dotnetnuke Dotnetnuke 3.0.11Dotnetnuke Dotnetnuke 3.0.7Dotnetnuke Dotnetnuke 3.0.8Dotnetnuke Dotnetnuke 4.5.4Dotnetnuke Dotnetnuke 4.5.5Dotnetnuke Dotnetnuke 4.8.2Dotnetnuke Dotnetnuke 4.8.3
NA
CVE-2009-4109
The install wizard in DotNetNuke 4.0 up to and including 5.1.4 does not prevent anonymous users from accessing functionality related to determination of the need for an upgrade, which allows remote malicious users to access version information and possibly other sensitive informa...
Dotnetnuke Dotnetnuke 4.5.5Dotnetnuke Dotnetnuke 4.6.0Dotnetnuke Dotnetnuke 4.6.1Dotnetnuke Dotnetnuke 4.6.2Dotnetnuke Dotnetnuke 5.1.2Dotnetnuke Dotnetnuke 5.1.1Dotnetnuke Dotnetnuke 5.1.4Dotnetnuke Dotnetnuke 4.3.5Dotnetnuke Dotnetnuke 4.5.2Dotnetnuke Dotnetnuke 4.8.0Dotnetnuke Dotnetnuke 4.8.2Dotnetnuke Dotnetnuke 4.9.2Dotnetnuke Dotnetnuke 5.1Dotnetnuke Dotnetnuke 4.0Dotnetnuke Dotnetnuke 4.8.3Dotnetnuke Dotnetnuke 4.8.4Dotnetnuke Dotnetnuke 4.9Dotnetnuke Dotnetnuke 4.9.1Dotnetnuke Dotnetnuke 4.4.1Dotnetnuke Dotnetnuke 4.5.4Dotnetnuke Dotnetnuke 4.7.0Dotnetnuke Dotnetnuke 4.8.1
NA
CVE-2009-1366
Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypalipn.aspx in DotNetNuke (DNN) prior to 4.9.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to "name/value pairs" and "paypal IPN functionalit...
Dotnetnuke Dotnetnuke 1.0.6Dotnetnuke Dotnetnuke 1.0.7Dotnetnuke Dotnetnuke 4.0Dotnetnuke Dotnetnuke 3.3.5Dotnetnuke Dotnetnuke 4.5.5Dotnetnuke Dotnetnuke 4.6.1Dotnetnuke Dotnetnuke 4.6.2Dotnetnuke Dotnetnuke 4.9Dotnetnuke DotnetnukeDotnetnuke Dotnetnuke 1.0.8Dotnetnuke Dotnetnuke 1.0.9Dotnetnuke Dotnetnuke 3.0.7Dotnetnuke Dotnetnuke 4.6.0Dotnetnuke Dotnetnuke 4.7.0Dotnetnuke Dotnetnuke 4.8.0Dotnetnuke Dotnetnuke 4.9.1Dotnetnuke Dotnetnuke 2.1.1Dotnetnuke Dotnetnuke 2.1.2Dotnetnuke Dotnetnuke 3.0.8Dotnetnuke Dotnetnuke 3.1.0Dotnetnuke Dotnetnuke 4.8.1Dotnetnuke Dotnetnuke 4.8.2
NA
CVE-2013-7335
Open redirect vulnerability in DotNetNuke (DNN) prior to 6.2.9 and 7.x prior to 7.1.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Dotnetnuke Dotnetnuke 6.1.3Dotnetnuke Dotnetnuke 6.1.5Dotnetnuke Dotnetnuke 6.2.6Dotnetnuke DotnetnukeDotnetnuke Dotnetnuke 7.0.4Dotnetnuke Dotnetnuke 6.2.1Dotnetnuke Dotnetnuke 6.2.2Dotnetnuke Dotnetnuke 6.2.3Dotnetnuke Dotnetnuke 6.2.4Dotnetnuke Dotnetnuke 6.0.1Dotnetnuke Dotnetnuke 6.0.0Dotnetnuke Dotnetnuke 5.1.4Dotnetnuke Dotnetnuke 5.1.3Dotnetnuke Dotnetnuke 4.8.1Dotnetnuke Dotnetnuke 4.8.0Dotnetnuke Dotnetnuke 4.7.0Dotnetnuke Dotnetnuke 4.6.2Dotnetnuke Dotnetnuke 4.6.1Dotnetnuke Dotnetnuke 2.1.2Dotnetnuke Dotnetnuke 2.1.1Dotnetnuke Dotnetnuke 1.0.9Dotnetnuke Dotnetnuke 1.0.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook