AI Score
Confidence
Low
EPSS
Percentile
83.4%
DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation.
osvdb.org/48345
secunia.com/advisories/31893
www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno23/tabid/1176/Default.aspx
www.securityfocus.com/bid/31145
exchange.xforce.ibmcloud.com/vulnerabilities/45077