Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dnnsoftware vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-15812
DNN (aka DotNetNuke) 9.2 up to and including 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.
Dnnsoftware Dotnetnuke
446
VMScore
CVE-2018-18326
DNN (aka DotNetNuke) 9.2 up to and including 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812.
Dnnsoftware Dotnetnuke
445
VMScore
CVE-2018-18325
DNN (aka DotNetNuke) 9.2 up to and including 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.
Dnnsoftware Dotnetnuke
384
VMScore
CVE-2018-14486
DNN (formerly DotNetNuke) 9.1.1 allows cross-site scripting (XSS) via XML.
Dnnsoftware Dotnetnuke 9.1.1
446
VMScore
CVE-2017-0929
DNN (aka DotNetNuke) prior to 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.
Dnnsoftware Dotnetnuke
582
VMScore
CVE-2017-9822
DNN (aka DotNetNuke) prior to 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."
Dnnsoftware Dotnetnuke
13 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2