Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
Docs
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dnn.platform vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv3
CVE-2025-48376
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, a malicious SuperUser (Host) could craft a request to use an external url for a site export to then be imported. Version 9.13.9 fixes the issue.
Dnnsoftware Dnn.platform
6
CVSSv4
CVE-2025-48377
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, a specially crafted URL may be constructed which can inject an XSS payload that is triggered by using some module actions. Version 9.13.9 fixes t...
Dnnsoftware Dnn.platform
6.1
CVSSv4
CVE-2025-48378
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, uploaded SVG files could contain scripts and if rendered inline those scripts could run allowing XSS attacks. Version 9.13.9 fixes the issue.
Dnnsoftware Dnn.platform
2.6
CVSSv3
CVE-2025-32035
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. before 9.13.2, when uploading files (e.g. when uploading assets), the file extension is checked to see if it's an allowed file type but the actual contents of the fi...
Dnnsoftware Dnn.platform
4.2
CVSSv3
CVE-2025-32036
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. The algorithm used to generate the captcha image shows the least complexity of the desired image. For this reason, the created image can be easily read by OCR tools, and ...
Dnnsoftware Dnn.platform
4.3
CVSSv3
CVE-2025-32371
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. A url could be crafted to the DNN ImageHandler to render text from a querystring parameter. This text would display in the resulting image and a user that trusts the doma...
Dnnsoftware Dnn.platform
6.5
CVSSv3
CVE-2025-32372
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. A bypass has been identified for the previously known vulnerability CVE-2017-0929, allowing unauthenticated malicious users to execute arbitrary GET requests against targ...
Dnnsoftware Dnn.platform
6.5
CVSSv3
CVE-2025-32373
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In limited configurations, registered users may be able to craft a request to enumerate/access some portal files they should not have access to. This vulnerability is fix...
Dnnsoftware Dnn.platform
5.9
CVSSv3
CVE-2025-32374
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Possible denial of service with specially crafted information in the public registration form. This vulnerability is fixed in 9.13.8.
Dnnsoftware Dnn.platform
4.9
CVSSv3
CVE-2022-2922
Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform before 9.11.0.
Dnnsoftware Dnnsoftware/dnn.platform
Dnnsoftware Dotnetnuke
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-3248
thanhtungtnt
remote code execution
codepen embed block
CVE-2025-6354
chris coyier
CVE-2025-50025
nitin yawalkar
code execution
CVE-2025-50038
CVE-2023-0386
cross-site scripting
CVE-2025-6351
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
Vulmon