Lucene search
K

286 matches found

RedhatCVE
RedhatCVE
added 2025/09/25 2:53 a.m.5 views

CVE-2025-59548

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, specially crafted URLs to the FileBrowser are vulnerable to javascript injection, affecting any unsuspecting user clicking such link. This issue has been patched in...

5.9CVSS6.7AI score0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/23 5:58 p.m.5 views

CVE-2025-59548 DNN Vulnerable to Reflected Cross-Site Scripting (XSS) in CKEditor File Browser

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, specially crafted URLs to the FileBrowser are vulnerable to javascript injection, affecting any unsuspecting user clicking such link. This issue has been patched in...

5.9CVSS6.4AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/23 5:58 p.m.10 views

CVE-2025-59548 DNN Vulnerable to Reflected Cross-Site Scripting (XSS) in CKEditor File Browser

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Prior to version 10.1.0, specially crafted URLs to the FileBrowser are vulnerable to javascript injection, affecting any unsuspecting user clicking such link. This issue has been patched in...

5.9CVSS0.00175EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-26076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled search path element in the IntelR oneAPI Deep Neural Network oneDNN before version 2022.1 may allow an authenticated user to potentially enable...

7.3CVSS7.1AI score0.00233EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2025/07/14 1:44 a.m.394 views

Exploit for CVE-2025-52488

DNN Unicode Path Normalization NTLM Hash Disclosure Exploit C...

8.6CVSS7.5AI score0.29345EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.10 views

CVE-2025-52485

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request to inject scripts in the Activity Feed Attachments endpoint which will then render in the feed. This issue...

5.1CVSS7AI score0.00178EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:40 a.m.4 views

CVE-2025-52486

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows specially crafted content in URLs to be used with TokenReplace and not be properly sanitized by some SkinObjects. This issue has been...

6.1CVSS7AI score0.00203EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:39 a.m.5 views

CVE-2025-52487

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 7.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request or proxy to be created that could bypass the design of DNN Login IP Filters allowing login attempts from IP...

8.8CVSS7.1AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/23 8:39 a.m.6 views

CVE-2025-52488

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been...

8.6CVSS7AI score0.29345EPSS
Exploits1References1
NVD
NVD
added 2025/06/21 3:15 a.m.16 views

CVE-2025-52486

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows specially crafted content in URLs to be used with TokenReplace and not be properly sanitized by some SkinObjects. This issue has been...

6.1CVSS0.00203EPSS
Exploits0References2
NVD
NVD
added 2025/06/21 3:15 a.m.13 views

CVE-2025-52488

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been...

8.6CVSS0.29345EPSS
Exploits1References1
NVD
NVD
added 2025/06/21 3:15 a.m.12 views

CVE-2025-52487

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 7.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request or proxy to be created that could bypass the design of DNN Login IP Filters allowing login attempts from IP...

8.8CVSS0.00294EPSS
Exploits0References1
NVD
NVD
added 2025/06/21 3:15 a.m.8 views

CVE-2025-52485

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request to inject scripts in the Activity Feed Attachments endpoint which will then render in the feed. This issue...

5.4CVSS0.00178EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/21 2:51 a.m.9 views

CVE-2025-52488 DNN.PLATFORM leaks NTLM hash via SMB Share Interaction with malicious user input

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been...

8.6CVSS6.9AI score0.29345EPSS
Exploits1References1
OSV
OSV
added 2025/06/21 2:51 a.m.10 views

CVE-2025-52488 DNN.PLATFORM leaks NTLM hash via SMB Share Interaction with malicious user input

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been...

8.6CVSS8.7AI score0.29345EPSS
Exploits1References3
EUVD
EUVD
added 2025/06/21 2:51 a.m.15 views

EUVD-2025-18800

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been...

8.6CVSS6.9AI score0.29345EPSS
Exploits1References1
CVE
CVE
added 2025/06/21 2:51 a.m.125 views

CVE-2025-52488

Summary (CVE-2025-52488) Affected: DNN Platform (formerly DotNetNuke), versions 6.0.0 up to before 10.0.1.Root cause: A specially crafted interaction vulnerability allows NTLM hashes to be disclosed to a third‑party SMB server via Unicode path normalization.Impact: Unauthenticated attackers could...

8.6CVSS8.4AI score0.29345EPSS
In wildExploits1References1Affected Software1
Cvelist
Cvelist
added 2025/06/21 2:44 a.m.11 views

CVE-2025-52487 DNN.PLATFORM possibly allows bypass of IP Filters

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 7.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request or proxy to be created that could bypass the design of DNN Login IP Filters allowing login attempts from IP...

8.8CVSS0.00294EPSS
Exploits0References1
OSV
OSV
added 2025/06/21 2:44 a.m.8 views

CVE-2025-52487 DNN.PLATFORM possibly allows bypass of IP Filters

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 7.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request or proxy to be created that could bypass the design of DNN Login IP Filters allowing login attempts from IP...

8.8CVSS6.4AI score0.00294EPSS
Exploits0References3
CVE
CVE
added 2025/06/21 2:44 a.m.35 views

CVE-2025-52487

CVE-2025-52487 affects DNN.PLATFORM (DotNetNuke) prior to version 10.0.1. Versions 7.0.0 up to before 10.0.1 allow a specially crafted request or proxy to bypass the DNN Login IP Filters, enabling login attempts from IPs outside the allow list. The vulnerability is mitigated by upgrading to versi...

8.8CVSS6.4AI score0.00294EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder