CVE-2025-48376 Dnn.Platform's Site Import could use an external source with a crafted request

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 9.13.9, a malicious SuperUser Host could craft a request to use an external url for a site export to then be imported. Version 9.13.9 fixes the issue...

PT-2025-22813 · Dnn · Dnn

Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions prior to 9.13.9 Description: A malicious SuperUser Host could craft a request to use an external URL for a site export to then be imported. This issue is related to the DNN formerly DotNetNuke open-source web...

PT-2025-15706 · Dnn · Dnn

Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions prior to 9.13.8 Description: The issue concerns a possible denial of service that can be triggered by submitting specially crafted information in the public registration form. Recommendations: For versions pri...

PT-2025-15635 · Dnn · Dnn

Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions prior to 9.13.2 Description: The issue allows uploading files with malicious content by renaming them to have an allowed file extension, such as renaming an executable file to have a .jpg extension. This could...

DNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : DNNDotNetNuke® Iconbar Control Panel Bad Access Level config Author : alieye vendor : http://dnnsoftware.com/ Contact : [email protected] Risk : High Class: Remote Google Dork: inurl:ctl/+inurl:/tab inurl:ctl+inurl:tab Model Module...