Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
356
VMScore
CVE-2020-5188
Published: 24/02/2020 Updated: 07/11/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Dotnetnuke
Vulnerability Summary
DNN (formerly DotNetNuke) up to and including 9.4.4 has Insecure Permissions.
Vulnerability Trend
Vulnerable Product
Search on Vulmon
Subscribe to Product
dnnsoftware dotnetnuke
Exploits
Exploit DB: DotNetNuke CMS 9.4.4 Zip Directory Traversal
DotNetNuke CMS version 944 suffers from zip split issue where a directory traversal attack can be performed to overwrite files or execute malicious code ...
Exploit DB: DotNetNuke CMS 9.5.0 File Extension Check Bypass
DotNetNuke CMS version 950 suffers from file extension check bypass vulnerability that allows for arbitrary file upload ...
References
CWE-669
CWE-434
https://github.com/dnnsoftware/Dnn.Platform/releases
http://packetstormsecurity.com/files/156484/DotNetNuke-CMS-9.5.0-File-Extension-Check-Bypass.html
https://medium.com/%40SajjadPourali/dnn-dotnetnuke-cms-not-as-secure-as-you-think-e8516f789175
https://nvd.nist.gov
https://packetstormsecurity.com/files/156489/DotNetNuke-CMS-9.4.4-Zip-Directory-Traversal.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started