Unspecified vulnerability in the Skin Manager in DotNetNuke before 4.8.2 allows remote authenticated administrators to perform βserver-side execution of application logicβ by uploading a static file that is converted into a dynamic script via unknown vectors related to HTM or HTML files.