Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2022/08/08 12:0 a.m.25 views

DNN (DotNetNuke) < 9.3.0 Multiple Vulnerabilities

DNN formerly DotNetNuke is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.7AI score0.74048EPSS
Exploits5References5
Exploit DB
Exploit DB
added 2020/04/16 12:0 a.m.239 views

DotNetNuke - Cookie Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' require 'openssl' require 'set' class MetasploitModule activetimeout payload handler is normally set up and started here but has be...

7.7AI score
Exploits0
Packet Storm
Packet Storm
added 2020/04/03 12:0 a.m.327 views

DotNetNuke Cookie Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' require 'openssl' require 'set' class MetasploitModule activetimeout payload handler is normally set up and started here but has be...

6.5CVSS0.5AI score0.94789EPSS
Exploits10
Circl
Circl
added 2020/04/02 3:6 p.m.24 views

CVE-2018-18326

creationtimestamp| type| source ---|---|--- 2020-04-02 15:06:54+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/dnncookiedeserializationrce.rb 2020-04-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48336 2025-02-06...

7.5CVSS7.5AI score0.53618EPSS
Exploits4References2
OSV
OSV
added 2019/07/03 5:15 p.m.22 views

CVE-2018-18326

DNN aka DotNetNuke 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812...

7.5CVSS7.7AI score
Exploits0References3
CVE
CVE
added 2019/07/03 4:39 p.m.160 views

CVE-2018-18326

Summary: CVE-2018-18326 affects DNN (DotNetNuke) 9.2 through 9.2.2, which incorrectly converts encryption key source values, yielding lower entropy. This issue is noted as stemming from an incomplete fix for CVE-2018-15812. The connected sources identify the vulnerable versions and link to relate...

7.5CVSS7.6AI score0.53618EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder