Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dotnetnuke vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2016-7119
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN) prior to 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted onclick attribute in an IMG element.
Dotnetnuke Dotnetnuke
383
VMScore
CVE-2015-1566
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) prior to 7.4.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Dotnetnuke Dotnetnuke
755
VMScore
CVE-2013-5117
SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in the ZLDNN DNNArticle module prior to 10.1 for DotNetNuke allows remote malicious users to execute arbitrary SQL commands via the categoryid parameter.
Zldnn Dnnarticle
1 EDB exploit
383
VMScore
CVE-2013-4649
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) prior to 6.2.9 and 7.x prior to 7.1.1 allows remote malicious users to inject arbitrary web script or HTML via the __dnnVariable parameter to the default URI.
Dotnetnuke Dotnetnuke 6.2.0
Dotnetnuke Dotnetnuke 6.2.1
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 7.0.0
Dotnetnuke Dotnetnuke 7.0.1
Dotnetnuke Dotnetnuke 6.0.2
Dotnetnuke Dotnetnuke 6.0.1
Dotnetnuke Dotnetnuke 5.06.00
Dotnetnuke Dotnetnuke 5.05.01
Dotnetnuke Dotnetnuke 4.8.2
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.8.0
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.4.1
Dotnetnuke Dotnetnuke 6.1.0
Dotnetnuke Dotnetnuke 6.1.1
Dotnetnuke Dotnetnuke 6.2.2
Dotnetnuke Dotnetnuke 6.2.3
Dotnetnuke Dotnetnuke 7.0.2
Dotnetnuke Dotnetnuke 7.0.3
Dotnetnuke Dotnetnuke 6.0.0
Dotnetnuke Dotnetnuke 5.1.4
383
VMScore
CVE-2013-7335
Open redirect vulnerability in DotNetNuke (DNN) prior to 6.2.9 and 7.x prior to 7.1.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Dotnetnuke Dotnetnuke 6.1.3
Dotnetnuke Dotnetnuke 6.1.5
Dotnetnuke Dotnetnuke 6.2.6
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 7.0.4
Dotnetnuke Dotnetnuke 6.2.1
Dotnetnuke Dotnetnuke 6.2.2
Dotnetnuke Dotnetnuke 6.2.3
Dotnetnuke Dotnetnuke 6.2.4
Dotnetnuke Dotnetnuke 6.0.1
Dotnetnuke Dotnetnuke 6.0.0
Dotnetnuke Dotnetnuke 5.1.4
Dotnetnuke Dotnetnuke 5.1.3
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.8.0
Dotnetnuke Dotnetnuke 4.7.0
Dotnetnuke Dotnetnuke 4.6.2
Dotnetnuke Dotnetnuke 4.6.1
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 1.0.8
312
VMScore
CVE-2013-3943
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) prior to 6.2.9 and 7.x prior to 7.1.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Display Name field in the Manage Profile.
Dotnetnuke Dotnetnuke 6.2.7
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 7.0.0
Dotnetnuke Dotnetnuke 7.0.1
Dotnetnuke Dotnetnuke 5.1.1
Dotnetnuke Dotnetnuke 5.1
Dotnetnuke Dotnetnuke 5.06.00
Dotnetnuke Dotnetnuke 5.05.01
Dotnetnuke Dotnetnuke 5.0
Dotnetnuke Dotnetnuke 4.5.5
Dotnetnuke Dotnetnuke 4.5.4
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.4.1
Dotnetnuke Dotnetnuke 1.0.10e
Dotnetnuke Dotnetnuke 1.0.10d
Dotnetnuke Dotnetnuke 6.1.0
Dotnetnuke Dotnetnuke 6.1.2
Dotnetnuke Dotnetnuke 6.2.3
Dotnetnuke Dotnetnuke 6.2.5
Dotnetnuke Dotnetnuke 7.0.3
Dotnetnuke Dotnetnuke 7.0.5
Dotnetnuke Dotnetnuke 6.0.0
383
VMScore
CVE-2012-1036
Cross-site scripting (XSS) vulnerability in the telerik HTML editor in DotNetNuke prior to 5.6.4 and 6.x prior to 6.1.0 allows remote malicious users to inject arbitrary web script or HTML via a message.
Dotnetnuke Dotnetnuke 5.6.2
Dotnetnuke Dotnetnuke 5.4.2
Dotnetnuke Dotnetnuke 5.4.0
Dotnetnuke Dotnetnuke 5.2.1
Dotnetnuke Dotnetnuke 5.1.4
Dotnetnuke Dotnetnuke 5.1.2
Dotnetnuke Dotnetnuke 4.9.5
Dotnetnuke Dotnetnuke 4.9.3
Dotnetnuke Dotnetnuke 5.3.1
Dotnetnuke Dotnetnuke 5.3.0
Dotnetnuke Dotnetnuke 5.2.3
Dotnetnuke Dotnetnuke 5.2.2
Dotnetnuke Dotnetnuke 4.9.1
Dotnetnuke Dotnetnuke 4.9.0
Dotnetnuke Dotnetnuke 5.6.0
Dotnetnuke Dotnetnuke 5.5.1
Dotnetnuke Dotnetnuke 5.5.0
Dotnetnuke Dotnetnuke 5.4.4
Dotnetnuke Dotnetnuke 5.1.1
Dotnetnuke Dotnetnuke 5.1.0
Dotnetnuke Dotnetnuke 5.0.1
Dotnetnuke Dotnetnuke 5.0.0
383
VMScore
CVE-2012-1030
Cross-site scripting (XSS) vulnerability in DotNetNuke 6.x up to and including 6.0.2 allows user-assisted remote malicious users to inject arbitrary web script or HTML via a crafted URL containing text that is used within a modal popup.
Dotnetnuke Dotnetnuke 6.0.0
Dotnetnuke Dotnetnuke 6.0.1
Dotnetnuke Dotnetnuke 6.0.2
405
VMScore
CVE-2011-1892
Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Serve...
Microsoft Sharepoint Workspace 2010
Microsoft Sharepoint Server 2010
Microsoft Office Web Apps 2010
Microsoft Forms Server 2007
Microsoft Groove Server 2010
Microsoft Sharepoint Services 3.0
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Foundation 2010
Microsoft Groove 2007
Microsoft Groove Data Bridge Server 2007
Microsoft Groove Management Server 2007
1 EDB exploit
435
VMScore
CVE-2010-4514
Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx in DotNetNuke 5.05.01 and 5.06.00 allows remote malicious users to inject arbitrary web script or HTML via the __VIEWSTATE parameter. NOTE: some of these details are obtained from third party information.
Dotnetnuke Dotnetnuke 5.05.01
Dotnetnuke Dotnetnuke 5.06.00
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »