Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
6.5
CVSSv3
CVE-2020-5188
Published: 24/02/2020 Updated: 07/11/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Dnnsoftware
Vulnerability Summary
DNN (formerly DotNetNuke) up to and including 9.4.4 has Insecure Permissions.
Vulnerability Trend
Vulnerable Product
Search on Vulmon
Subscribe to Product
dnnsoftware dotnetnuke
Exploits
Exploit DB: DotNetNuke CMS 9.4.4 Zip Directory Traversal
DotNetNuke CMS version 944 suffers from zip split issue where a directory traversal attack can be performed to overwrite files or execute malicious code ...
Exploit DB: DotNetNuke CMS 9.5.0 File Extension Check Bypass
DotNetNuke CMS version 950 suffers from file extension check bypass vulnerability that allows for arbitrary file upload ...
References
CWE-669
CWE-434
https://github.com/dnnsoftware/Dnn.Platform/releases
http://packetstormsecurity.com/files/156484/DotNetNuke-CMS-9.5.0-File-Extension-Check-Bypass.html
https://medium.com/%40SajjadPourali/dnn-dotnetnuke-cms-not-as-secure-as-you-think-e8516f789175
https://nvd.nist.gov
https://packetstormsecurity.com/files/156489/DotNetNuke-CMS-9.4.4-Zip-Directory-Traversal.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started