DotNetNuke 2.0 up to and including 4.8.4 allows remote malicious users to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dotnetnuke dotnetnuke 3.1.0 |
||
dotnetnuke dotnetnuke 3.3.5 |
||
dotnetnuke dotnetnuke 4.6.0 |
||
dotnetnuke dotnetnuke 4.6.1 |
||
dotnetnuke dotnetnuke 4.8.4 |
||
dotnetnuke dotnetnuke 2.1.1 |
||
dotnetnuke dotnetnuke 2.1.2 |
||
dotnetnuke dotnetnuke 4.4.1 |
||
dotnetnuke dotnetnuke 4.5.2 |
||
dotnetnuke dotnetnuke 4.8.0 |
||
dotnetnuke dotnetnuke 4.8.1 |
||
dotnetnuke dotnetnuke 4.0 |
||
dotnetnuke dotnetnuke 4.3.5 |
||
dotnetnuke dotnetnuke 4.6.2 |
||
dotnetnuke dotnetnuke 4.7.0 |
||
dotnetnuke dotnetnuke 3.0.11 |
||
dotnetnuke dotnetnuke 3.0.7 |
||
dotnetnuke dotnetnuke 3.0.8 |
||
dotnetnuke dotnetnuke 4.5.4 |
||
dotnetnuke dotnetnuke 4.5.5 |
||
dotnetnuke dotnetnuke 4.8.2 |
||
dotnetnuke dotnetnuke 4.8.3 |