CVE-2018-18325

DNN aka DotNetNuke 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811...

CVE-2019-18325

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability i...

CVE-2019-18325

creationtimestamp| type| source ---|---|--- 2024-03-11 13:41:36+00:00| seen| https://t.me/ctinow/204686...

DNN (DotNetNuke) < 9.3.0 Multiple Vulnerabilities

DNN formerly DotNetNuke is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2020-18325

creationtimestamp| type| source ---|---|--- 2022-03-04 18:27:11+00:00| seen| https://t.me/cibsecurity/38433...

CVE-2020-18325

Subrion CMS 4.2.1 is affected by a cross-site scripting (XSS) vulnerability in the Configuration panel. The CVE description indicates multiple XSS cases exist in this area; the root cause details are not provided in the documents. Impact is described as XSS, but explicit exploit vectors, affected...

CVE-2020-18325

Multilple Cross Site Scripting XSS vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel...

Cobbler has an unspecified vulnerability (CNVD-2022-18325)

Cobbler is a network installation server suite that is primarily used to quickly set up Linux network installation environments. security vulnerabilities exist in versions of Cobbler prior to 3.3.1, stemming from files in /etc/cobbler that are publicly readable, two of which contain some sensitiv...

VulnCheck KEV: CVE-2018-18325

DotNetNuke DNN contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811...

DNN (DotNetNuke) 9.2 <= 9.2.2 Weak Encryption Algorithm Vulnerability

The version of DNN Platform formerly DotNetNuke running on the remote host is 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

Cayin Content Management Server 11.0 - Remote Command Injection (root)

Title: Cayin Content Management Server 11.0 - Remote Command Injection root Author:LiquidWorm Date: 2020-06-04 Vendor: https://www.cayintech.com CVE: N/A Cayin Content Management Server 11.0 Root Remote Command Injection Vendor: CAYIN Technology Co., Ltd. Product web page: https://www.cayintech.c...

DotNetNuke - Cookie Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' require 'openssl' require 'set' class MetasploitModule activetimeout payload handler is normally set up and started here but has be...

DotNetNuke Cookie Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' require 'openssl' require 'set' class MetasploitModule activetimeout payload handler is normally set up and started here but has be...

CVE-2018-18325

creationtimestamp| type| source ---|---|--- 2020-04-02 15:06:54+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/dnncookiedeserializationrce.rb 2020-04-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48336 2021-11-08...

CVE-2019-18325

SPPA-T3000 MS3000 Migration Server (all versions) is affected by CVE-2019-18325. An attacker with network access can trigger a Denial-of-Service and potentially achieve remote code execution by sending specially crafted packets to TCP/5010. The Red Hat CVE entries for related CVEs (CVE-2019-18323...

CVE-2017-18325

This CVE entry is rejected/not used; it does not represent an active vulnerability.

CVE-2018-18325

DNN aka DotNetNuke 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811...

CVE-2018-18325

DNN aka DotNetNuke 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811...

CVE-2018-18325

Summary: CVE-2018-18325 affects DNN (DotNetNuke) platforms running version 9.2 through 9.2.2. The issue is an inadequate encryption strength for input parameters, arising from an incomplete fix for CVE-2018-15811. The vulnerability is tied to the use of a weak encryption algorithm in protecting i...

CVE-2018-18325

DNN aka DotNetNuke 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...