CVE-2025-48376 Dnn.Platform's Site Import could use an external source with a crafted request

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 9.13.9, a malicious SuperUser Host could craft a request to use an external url for a site export to then be imported. Version 9.13.9 fixes the issue...

PT-2025-22815 · Dnn · Dnn

Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions prior to 9.13.9 Description: The issue concerns the DNN formerly DotNetNuke open-source web content management platform, which is part of the Microsoft ecosystem. In affected versions, uploaded SVG files could...

PT-2025-22813 · Dnn · Dnn

Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions prior to 9.13.9 Description: A malicious SuperUser Host could craft a request to use an external URL for a site export to then be imported. This issue is related to the DNN formerly DotNetNuke open-source web...

PT-2025-15706 · Dnn · Dnn

Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions prior to 9.13.8 Description: The issue concerns a possible denial of service that can be triggered by submitting specially crafted information in the public registration form. Recommendations: For versions pri...

PT-2025-15635 · Dnn · Dnn

Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions prior to 9.13.2 Description: The issue allows uploading files with malicious content by renaming them to have an allowed file extension, such as renaming an executable file to have a .jpg extension. This could...

PT-2025-26481

Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions 6.0.0 through 10.0.0 Description: The issue allows a specially crafted request to inject scripts in the "Activity Feed Attachments" endpoint, which will then render in the feed, resulting in a cross-site...

CVE-2022-2922 Relative Path Traversal in dnnsoftware/dnn.platform

Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0...

GHSA-9PHR-H5MX-4FP6 DNN XSS Vulnerability

DNN formerly DotNetNuke through 9.4.4 allows XSS issue 1 of 2...

DNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : DNNDotNetNuke® Iconbar Control Panel Bad Access Level config Author : alieye vendor : http://dnnsoftware.com/ Contact : [email protected] Risk : High Class: Remote Google Dork: inurl:ctl/+inurl:/tab inurl:ctl+inurl:tab Model Module...