CVE-2008-7102

2009-08-2720:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.01

Percentile

83.4%

JSON

DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation.

References

osvdb.org/48345

secunia.com/advisories/31893

www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno23/tabid/1176/Default.aspx

www.securityfocus.com/bid/31145

exchange.xforce.ibmcloud.com/vulnerabilities/45077