Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
6.5
CVSSv3
CVE-2020-5188
Published: 24/02/2020 Updated: 07/11/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Dnnsoftware
Vulnerability Summary
DNN (formerly DotNetNuke) up to and including 9.4.4 has Insecure Permissions.
Vulnerability Trend
Vulnerable Product
Search on Vulmon
Subscribe to Product
dnnsoftware dotnetnuke
Exploits
Exploit DB: DotNetNuke CMS 9.4.4 Zip Directory Traversal
DotNetNuke CMS version 944 suffers from zip split issue where a directory traversal attack can be performed to overwrite files or execute malicious code ...
Exploit DB: DotNetNuke CMS 9.5.0 File Extension Check Bypass
DotNetNuke CMS version 950 suffers from file extension check bypass vulnerability that allows for arbitrary file upload ...
References
CWE-669
CWE-434
https://github.com/dnnsoftware/Dnn.Platform/releases
http://packetstormsecurity.com/files/156484/DotNetNuke-CMS-9.5.0-File-Extension-Check-Bypass.html
https://medium.com/%40SajjadPourali/dnn-dotnetnuke-cms-not-as-secure-as-you-think-e8516f789175
https://nvd.nist.gov
https://packetstormsecurity.com/files/156489/DotNetNuke-CMS-9.4.4-Zip-Directory-Traversal.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started