Lucene search
K

5 matches found

OSV
OSV
added 2025/06/21 2:44 a.m.8 views

CVE-2025-52487 DNN.PLATFORM possibly allows bypass of IP Filters

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 7.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request or proxy to be created that could bypass the design of DNN Login IP Filters allowing login attempts from IP...

8.8CVSS6.4AI score0.00294EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/04/11 3:39 a.m.20 views

CVE-2025-32035

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to 9.13.2, when uploading files e.g. when uploading assets, the file extension is checked to see if it's an allowed file type but the actual contents of the file aren't checked. This...

7.5CVSS6.7AI score0.00165EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 6:6 p.m.69 views

CVE-2025-32036

CVE-2025-32036 affects DNN (DotNetNuke) where the captcha generation algorithm has low complexity, enabling OCR-based bypass of CAPTCHA. Multiple connected sources (PT-Security and Red Hat advisories) confirm the issue and identify the fixed version as 9.13.8, with prior versions vulnerable. Prac...

6.5CVSS6.8AI score0.00271EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/03 4:23 p.m.32 views

CVE-2018-15811

DNN aka DotNetNuke 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters...

7.3AI score0.74048EPSS
Exploits4References3
ATTACKERKB
ATTACKERKB
added 2017/07/20 12:0 a.m.55 views

CVE-2017-9822

DNN aka DotNetNuke before 9.1.1 has Remote Code Execution via a cookie, aka “2017-08 Critical Possible remote code execution on DNN sites.” Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

8.8CVSS9AI score0.94789EPSS
In wildExploits6References4
Rows per page
Query Builder