6 matches found
EUVD-2025-10548
Malicious code in bioql PyPI...
DotNetNuke.Core Vulnerable to Server-Side Request Forgery (SSRF)
A bypass has been identified for the previously known vulnerability CVE-2017-0929, allowing unauthenticated attackers to execute arbitrary GET requests against target systems, including internal or adjacent networks. Impact This vulnerability facilitates a semi-blind SSRF attack, allowing attacke...
GHSA-3F7V-QX94-666M DotNetNuke.Core Vulnerable to Server-Side Request Forgery (SSRF)
A bypass has been identified for the previously known vulnerability CVE-2017-0929, allowing unauthenticated attackers to execute arbitrary GET requests against target systems, including internal or adjacent networks. Impact This vulnerability facilitates a semi-blind SSRF attack, allowing attacke...
VulnCheck KEV: CVE-2017-0929
DNN aka DotNetNuke before 9.2.0 suffers from a Server-Side Request Forgery SSRF vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources...
U.S. Dept Of Defense: https://████████ Impacted by DNN ImageHandler SSRF
Summary: https://███████ runs DNN 8.0.0 to 9.1.1 and is impacted by CVE 2017-0929 allowing for a SSRF through the DNN ImageHandler. Origin servers will request any image file supplied by the attacker. This allows for internal NIPR sites to be mapped and accessed through a vulnerable host. The...
CVE-2017-0929
CVE-2017-0929 affects DotNetNuke (DNN) before 9.2.0. A Server-Side Request Forgery (SSRF) vulnerability exists in the DnnImageHandler class, enabling an attacker to access internal network resources. The issue is mitigated by upgrading DNN to version 9.2.0 or above. If exploiting details are prov...