Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dotnetnuke dotnetnuke 4.8.4 vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2008-6399
Unspecified vulnerability in DotNetNuke 4.5.2 up to and including 4.9 allows remote malicious users to "add additional roles to their user account" via unknown attack vectors.
Dotnetnuke Dotnetnuke 4.9
Dotnetnuke Dotnetnuke 4.8.4
Dotnetnuke Dotnetnuke 4.8.3
Dotnetnuke Dotnetnuke 4.8.2
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.8.1
6.5
CVSSv2
CVE-2008-7100
Unspecified vulnerability in DotNetNuke 4.4.1 up to and including 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a "unique id" for user actions and improper validation of a "user identity."
Dotnetnuke Dotnetnuke 4.6.1
Dotnetnuke Dotnetnuke 4.6.2
Dotnetnuke Dotnetnuke 4.5.5
Dotnetnuke Dotnetnuke 4.6.0
Dotnetnuke Dotnetnuke 4.8.3
Dotnetnuke Dotnetnuke 4.8.4
Dotnetnuke Dotnetnuke 4.4.1
Dotnetnuke Dotnetnuke 4.7.0
Dotnetnuke Dotnetnuke 4.8.0
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.5.4
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.8.2
4.3
CVSSv2
CVE-2009-4110
Cross-site scripting (XSS) vulnerability in the search functionality in DotNetNuke 4.8 up to and including 5.1.4 allows remote malicious users to inject arbitrary web script or HTML via search terms that are not properly filtered before display in a custom results page.
Dotnetnuke Dotnetnuke 4.8.0
Dotnetnuke Dotnetnuke 4.9.2
Dotnetnuke Dotnetnuke 5.0
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.8.2
Dotnetnuke Dotnetnuke 5.1
Dotnetnuke Dotnetnuke 5.1.3
Dotnetnuke Dotnetnuke 4.8.3
Dotnetnuke Dotnetnuke 4.8.4
Dotnetnuke Dotnetnuke 5.1.2
Dotnetnuke Dotnetnuke 5.1.1
Dotnetnuke Dotnetnuke 5.1.4
Dotnetnuke Dotnetnuke 4.9
Dotnetnuke Dotnetnuke 4.9.1
5
CVSSv2
CVE-2008-7101
Unspecified vulnerability in DotNetNuke 4.0 up to and including 4.8.4 and 5.0 allows remote malicious users to obtain sensitive information (portal number) by accessing the install wizard page via unknown vectors.
Dotnetnuke Dotnetnuke 4.6.2
Dotnetnuke Dotnetnuke 4.3.5
Dotnetnuke Dotnetnuke 5.0
Dotnetnuke Dotnetnuke 4.7.0
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 4.8.3
Dotnetnuke Dotnetnuke 4.8.2
Dotnetnuke Dotnetnuke 4.4.1
Dotnetnuke Dotnetnuke 4.6.1
Dotnetnuke Dotnetnuke 4.5.4
Dotnetnuke Dotnetnuke 4.8.4
Dotnetnuke Dotnetnuke 4.5.5
Dotnetnuke Dotnetnuke 4.6.0
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.8.0
7.5
CVSSv2
CVE-2008-7102
DotNetNuke 2.0 up to and including 4.8.4 allows remote malicious users to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation.
Dotnetnuke Dotnetnuke 3.1.0
Dotnetnuke Dotnetnuke 3.3.5
Dotnetnuke Dotnetnuke 4.6.0
Dotnetnuke Dotnetnuke 4.6.1
Dotnetnuke Dotnetnuke 4.8.4
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke 4.4.1
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.8.0
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 4.3.5
Dotnetnuke Dotnetnuke 4.6.2
Dotnetnuke Dotnetnuke 4.7.0
Dotnetnuke Dotnetnuke 3.0.11
Dotnetnuke Dotnetnuke 3.0.7
Dotnetnuke Dotnetnuke 3.0.8
Dotnetnuke Dotnetnuke 4.5.4
Dotnetnuke Dotnetnuke 4.5.5
Dotnetnuke Dotnetnuke 4.8.2
Dotnetnuke Dotnetnuke 4.8.3
5
CVSSv2
CVE-2009-4109
The install wizard in DotNetNuke 4.0 up to and including 5.1.4 does not prevent anonymous users from accessing functionality related to determination of the need for an upgrade, which allows remote malicious users to access version information and possibly other sensitive informa...
Dotnetnuke Dotnetnuke 4.5.5
Dotnetnuke Dotnetnuke 4.6.0
Dotnetnuke Dotnetnuke 4.6.1
Dotnetnuke Dotnetnuke 4.6.2
Dotnetnuke Dotnetnuke 5.1.2
Dotnetnuke Dotnetnuke 5.1.1
Dotnetnuke Dotnetnuke 5.1.4
Dotnetnuke Dotnetnuke 4.3.5
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.8.0
Dotnetnuke Dotnetnuke 4.8.2
Dotnetnuke Dotnetnuke 4.9.2
Dotnetnuke Dotnetnuke 5.1
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 4.8.3
Dotnetnuke Dotnetnuke 4.8.4
Dotnetnuke Dotnetnuke 4.9
Dotnetnuke Dotnetnuke 4.9.1
Dotnetnuke Dotnetnuke 4.4.1
Dotnetnuke Dotnetnuke 4.5.4
Dotnetnuke Dotnetnuke 4.7.0
Dotnetnuke Dotnetnuke 4.8.1
4.3
CVSSv2
CVE-2009-1366
Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypalipn.aspx in DotNetNuke (DNN) prior to 4.9.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to "name/value pairs" and "paypal IPN functionalit...
Dotnetnuke Dotnetnuke 1.0.6
Dotnetnuke Dotnetnuke 1.0.7
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 3.3.5
Dotnetnuke Dotnetnuke 4.5.5
Dotnetnuke Dotnetnuke 4.6.1
Dotnetnuke Dotnetnuke 4.6.2
Dotnetnuke Dotnetnuke 4.9
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 3.0.7
Dotnetnuke Dotnetnuke 4.6.0
Dotnetnuke Dotnetnuke 4.7.0
Dotnetnuke Dotnetnuke 4.8.0
Dotnetnuke Dotnetnuke 4.9.1
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke 3.0.8
Dotnetnuke Dotnetnuke 3.1.0
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.8.2
3.5
CVSSv2
CVE-2013-3943
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) prior to 6.2.9 and 7.x prior to 7.1.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Display Name field in the Manage Profile.
Dotnetnuke Dotnetnuke 6.2.7
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 7.0.0
Dotnetnuke Dotnetnuke 7.0.1
Dotnetnuke Dotnetnuke 5.1.1
Dotnetnuke Dotnetnuke 5.1
Dotnetnuke Dotnetnuke 5.06.00
Dotnetnuke Dotnetnuke 5.05.01
Dotnetnuke Dotnetnuke 5.0
Dotnetnuke Dotnetnuke 4.5.5
Dotnetnuke Dotnetnuke 4.5.4
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.4.1
Dotnetnuke Dotnetnuke 1.0.10e
Dotnetnuke Dotnetnuke 1.0.10d
Dotnetnuke Dotnetnuke 6.1.0
Dotnetnuke Dotnetnuke 6.1.2
Dotnetnuke Dotnetnuke 6.2.3
Dotnetnuke Dotnetnuke 6.2.5
Dotnetnuke Dotnetnuke 7.0.3
Dotnetnuke Dotnetnuke 7.0.5
Dotnetnuke Dotnetnuke 6.0.0
4.3
CVSSv2
CVE-2013-4649
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) prior to 6.2.9 and 7.x prior to 7.1.1 allows remote malicious users to inject arbitrary web script or HTML via the __dnnVariable parameter to the default URI.
Dotnetnuke Dotnetnuke 6.2.0
Dotnetnuke Dotnetnuke 6.2.1
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 7.0.0
Dotnetnuke Dotnetnuke 7.0.1
Dotnetnuke Dotnetnuke 6.0.2
Dotnetnuke Dotnetnuke 6.0.1
Dotnetnuke Dotnetnuke 5.06.00
Dotnetnuke Dotnetnuke 5.05.01
Dotnetnuke Dotnetnuke 4.8.2
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.8.0
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.4.1
Dotnetnuke Dotnetnuke 6.1.0
Dotnetnuke Dotnetnuke 6.1.1
Dotnetnuke Dotnetnuke 6.2.2
Dotnetnuke Dotnetnuke 6.2.3
Dotnetnuke Dotnetnuke 7.0.2
Dotnetnuke Dotnetnuke 7.0.3
Dotnetnuke Dotnetnuke 6.0.0
Dotnetnuke Dotnetnuke 5.1.4
4.3
CVSSv2
CVE-2013-7335
Open redirect vulnerability in DotNetNuke (DNN) prior to 6.2.9 and 7.x prior to 7.1.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Dotnetnuke Dotnetnuke 6.1.3
Dotnetnuke Dotnetnuke 6.1.5
Dotnetnuke Dotnetnuke 6.2.6
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 7.0.4
Dotnetnuke Dotnetnuke 6.2.1
Dotnetnuke Dotnetnuke 6.2.2
Dotnetnuke Dotnetnuke 6.2.3
Dotnetnuke Dotnetnuke 6.2.4
Dotnetnuke Dotnetnuke 6.0.1
Dotnetnuke Dotnetnuke 6.0.0
Dotnetnuke Dotnetnuke 5.1.4
Dotnetnuke Dotnetnuke 5.1.3
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.8.0
Dotnetnuke Dotnetnuke 4.7.0
Dotnetnuke Dotnetnuke 4.6.2
Dotnetnuke Dotnetnuke 4.6.1
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 1.0.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »