Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dotnetnuke dotnetnuke 1.0.9 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2004-2323
DotNetNuke (formerly IBuySpy Workshop) 1.0.6 up to and including 1.0.10d allows remote malicious users to obtain sensitive information, including the SQL server username and password, via a GET request for source or configuration files such as Web.config.
Dotnetnuke Dotnetnuke 1.0.10d
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 1.0.6
Dotnetnuke Dotnetnuke 1.0.7
668
VMScore
CVE-2004-2324
SQL injection vulnerability in DotNetNuke (formerly IBuySpy Workshop) 1.0.6 up to and including 1.0.10d allows remote malicious users to modify the backend database via the (1) table and (2) field parameters in LinkClick.aspx.
Dotnetnuke Dotnetnuke 1.0.10d
Dotnetnuke Dotnetnuke 1.0.6
Dotnetnuke Dotnetnuke 1.0.7
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 1.0.9
383
VMScore
CVE-2004-2325
Cross-site scripting (XSS) vulnerability in EditModule.aspx for DotNetNuke (formerly IBuySpy Workshop) 1.0.6 up to and including 1.0.10d allows remote malicious users to inject arbitrary web script or HTML.
Dotnetnuke Dotnetnuke 1.0.6
Dotnetnuke Dotnetnuke 1.0.7
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 1.0.10d
435
VMScore
CVE-2006-4973
Cross-site scripting (XSS) vulnerability in Default.aspx in Perpetual Motion Interactive Systems DotNetNuke prior to 3.3.5, and 4.x prior to 4.3.5, allows remote malicious users to inject arbitrary HTML via the error parameter.
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 1.0.10e
Dotnetnuke Dotnetnuke 1.0.10d
Dotnetnuke Dotnetnuke 1.0.7
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 1.0.6
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 3.0.8
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 3.0.7
Dotnetnuke Dotnetnuke 3.1.0
1 EDB exploit
409
VMScore
CVE-2008-6542
Unspecified vulnerability in the Skin Manager in DotNetNuke prior to 4.8.2 allows remote authenticated administrators to perform "server-side execution of application logic" by uploading a static file that is converted into a dynamic script via unknown vectors related t...
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 1.0.7
Dotnetnuke Dotnetnuke 3.0.7
Dotnetnuke Dotnetnuke 3.0.11
Dotnetnuke Dotnetnuke 1.0.10d
Dotnetnuke Dotnetnuke 3.1.0
Dotnetnuke Dotnetnuke 3.0.8
Dotnetnuke Dotnetnuke 1.0.6
Dotnetnuke Dotnetnuke 1.0.10e
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 1.0.9
515
VMScore
CVE-2008-6540
DotNetNuke prior to 4.8.2, during installation or upgrade, does not warn the administrator when the default (1) ValidationKey and (2) DecryptionKey values cannot be modified in the web.config file, which allows remote malicious users to bypass intended access restrictions by usin...
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 3.0.11
Dotnetnuke Dotnetnuke 1.0.10e
Dotnetnuke Dotnetnuke 1.0.10d
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 4.3.5
Dotnetnuke Dotnetnuke 3.3.5
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 3.0.7
Dotnetnuke Dotnetnuke 3.0.8
Dotnetnuke Dotnetnuke 3.1.0
Dotnetnuke Dotnetnuke 1.0.7
Dotnetnuke Dotnetnuke 1.0.6
1 EDB exploit
605
VMScore
CVE-2008-6541
Unrestricted file upload vulnerability in the file manager module in DotNetNuke prior to 4.8.2 allows remote administrators to upload arbitrary files and gain privileges to the server via unspecified vectors.
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 4.3.5
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 3.0.11
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 1.0.10e
Dotnetnuke Dotnetnuke 3.3.5
Dotnetnuke Dotnetnuke 3.0.7
Dotnetnuke Dotnetnuke 3.0.8
Dotnetnuke Dotnetnuke 1.0.10d
Dotnetnuke Dotnetnuke 1.0.7
Dotnetnuke Dotnetnuke 3.1.0
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 1.0.6
Dotnetnuke Dotnetnuke 4.5.2
435
VMScore
CVE-2008-6644
Cross-site scripting (XSS) vulnerability in Default.aspx in DotNetNuke 4.8.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO.
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 3.0.11
Dotnetnuke Dotnetnuke 1.0.10e
Dotnetnuke Dotnetnuke 1.0.10d
Dotnetnuke Dotnetnuke 3.0.7
Dotnetnuke Dotnetnuke 3.0.8
Dotnetnuke Dotnetnuke 1.0.7
Dotnetnuke Dotnetnuke 1.0.6
Dotnetnuke Dotnetnuke 3.1.0
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 3.3.5
Dotnetnuke Dotnetnuke 4.3.5
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 4.8.2
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke
1 EDB exploit
383
VMScore
CVE-2008-6732
Cross-site scripting (XSS) vulnerability in the Language skin object in DotNetNuke prior to 4.8.4 allows remote malicious users to inject arbitrary web script or HTML via "newly generated paths."
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 1.0.10e
Dotnetnuke Dotnetnuke 1.0.10d
Dotnetnuke Dotnetnuke 3.3.5
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 4.5.5
Dotnetnuke Dotnetnuke 4.6.0
Dotnetnuke Dotnetnuke 1.0.7
Dotnetnuke Dotnetnuke 1.0.6
Dotnetnuke Dotnetnuke 4.3.5
Dotnetnuke Dotnetnuke 4.5.2
Dotnetnuke Dotnetnuke 4.6.1
Dotnetnuke Dotnetnuke 4.7.0
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke 3.0.8
Dotnetnuke Dotnetnuke 3.1.0
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.5.4
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 3.0.11
Dotnetnuke Dotnetnuke 3.0.7
383
VMScore
CVE-2009-1366
Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypalipn.aspx in DotNetNuke (DNN) prior to 4.9.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to "name/value pairs" and "paypal IPN functionalit...
Dotnetnuke Dotnetnuke 1.0.6
Dotnetnuke Dotnetnuke 1.0.7
Dotnetnuke Dotnetnuke 4.0
Dotnetnuke Dotnetnuke 3.3.5
Dotnetnuke Dotnetnuke 4.5.5
Dotnetnuke Dotnetnuke 4.6.1
Dotnetnuke Dotnetnuke 4.6.2
Dotnetnuke Dotnetnuke 4.9
Dotnetnuke Dotnetnuke
Dotnetnuke Dotnetnuke 1.0.8
Dotnetnuke Dotnetnuke 1.0.9
Dotnetnuke Dotnetnuke 3.0.7
Dotnetnuke Dotnetnuke 4.6.0
Dotnetnuke Dotnetnuke 4.7.0
Dotnetnuke Dotnetnuke 4.8.0
Dotnetnuke Dotnetnuke 4.9.1
Dotnetnuke Dotnetnuke 2.1.1
Dotnetnuke Dotnetnuke 2.1.2
Dotnetnuke Dotnetnuke 3.0.8
Dotnetnuke Dotnetnuke 3.1.0
Dotnetnuke Dotnetnuke 4.8.1
Dotnetnuke Dotnetnuke 4.8.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »