EUVD-2013-4958

Malware in sbrugna...

DotNetNuke DNNarticle Module 11 - Directory Traversal

Advisory Information Title: Directory Traversal Vulnerability in DNNarticle module Date published: n/a Date of last update: n/a Vendors contacted: zldnn.com Discovered by: Esmaeil Rahimian Severity: Critical 02. Vulnerability Information OVE-ID: CVE-2018-9126. 03. Introduction DNN Article is...

DotNetNuke DNNarticle Module 11 - Directory Traversal

DotNetNuke DNNarticle Module 11 - Directory Traversal 01. Advisory Information Title: Directory Traversal Vulnerability in DNNarticle module Date published: n/a Date of last update: n/a Vendors contacted: zldnn.com Discovered by: Esmaeil Rahimian Severity: Critical 02. Vulnerability Information...

Code injection

The DNNArticle module 11 for DNN formerly DotNetNuke allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI...

CVE-2018-9126

The DNNArticle module 11 for DNN formerly DotNetNuke allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI...

CVE-2018-9126

The DNNArticle module 11 for DNN formerly DotNetNuke allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI...

CVE-2018-9126

The DNNArticle module 11 for DNN formerly DotNetNuke allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI...

CVE-2018-9126

The DNNArticle module 11 for DNN formerly DotNetNuke allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI...

CVE-2018-9126

CVE-2018-9126 affects the DNNArticle module 11 for DotNetNuke. The vulnerability allows remote attackers to read the web.config via the URI /GetCSS.ashx/?CP=%2fweb.config, exposing database credentials and other config data. Exploit references exist (Exploit-DB, PacketStorm), confirming in-the-wi...

DotNetNuke DNNarticle Directory Traversal Vulnerability

Exploit for asp platform in category web applications 01. Advisory Information Title: Directory Traversal Vulnerability in DNNarticle module Date published: n/a Date of last update: n/a Vendors contacted: zldnn.com Discovered by: Esmaeil Rahimian 02. Vulnerability Information OVE-ID: CVE-2018-912...

DotNetNuke DNNarticle Directory Traversal

Advisory Information Title: Directory Traversal Vulnerability in DNNarticle module Date published: n/a Date of last update: n/a Vendors contacted: zldnn.com Discovered by: Esmaeil Rahimian Severity: Critical 02. Vulnerability Information OVE-ID: CVE-2018-9126. 03. Introduction DNN Article is...

DotNetNuke DNNArticle Module 10.0 - SQL Injection Vulnerability

No description provided by source. Title: DotNetNuke DNNArticle Module SQL Injection Vulnerability References: CVE-2013-5117 Discovered by: Sajjad Pourali Vendor http://www.zldnn.com/ , http://www.dnnarticle.com/? Vendor advisory:...

CVE-2013-5117

SQL injection vulnerability in the RSS page DNNArticleRSS.aspx in the ZLDNN DNNArticle module before 10.1 for DotNetNuke allows remote attackers to execute arbitrary SQL commands via the categoryid parameter...

CVE-2013-5117

SQL injection vulnerability in the RSS page DNNArticleRSS.aspx in the ZLDNN DNNArticle module before 10.1 for DotNetNuke allows remote attackers to execute arbitrary SQL commands via the categoryid parameter...

CVE-2013-5117

CVE-2013-5117 affects DotNetNuke DNNArticle Module (DNNArticleRSS.aspx); a SQL injection via the categoryid parameter in DNNArticleRSS.aspx before version 10.1 allows remote attackers to execute arbitrary SQL commands. Affects the DNNArticle module prior to 10.1; remediation is to upgrade to 10.1...

DotNetNuke DNNArticle模块'categoryid'参数SQL注入漏洞

BUGTRAQ ID: 61788 CVECAN ID: CVE-2013-5117 DotNetNuke DNNArticle是DNN的CMS和文章管理模块。 DNNArticle 10.0及之前版本没有正确验证categoryid参数值的有效性，存在SQL注入漏洞，成功利用后可使远程攻击者执行未授权数据库操作。 0 DotNetNuke DNNArticle 10.0 厂商补丁： DotNetNuke ---------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： www.dnnarticle.com...

DotNetNuke DNNArticle插件 10.0 /DesktopModules/DNNArticle/DNNArticleRSS.aspx SQL注入漏洞

No description provided by source...

DotNetNuke < 10.1 DNNArticle Module SQLi Vulnerability

DotNetNuke DNNArticle module is prone to a SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

DNN (DotNetNuke) DNNArticle Module categoryid Parameter SQL Injection

The version of DNN installed on the remote host is affected by a SQL injection vulnerability due to a failure to properly sanitize user-supplied input to the 'categoryid' parameter of the 'dnnarticlerss.aspx' script. A remote, unauthenticated attacker can leverage this issue to launch a SQL...

DotNetNuke DNNArticle Module 10.0 - SQL Injection

DotNetNuke DNNArticle Module 10.0 - SQL Injection Title: DotNetNuke DNNArticle Module SQL Injection Vulnerability References: CVE-2013-5117 Discovered by: Sajjad Pourali Vendor http://www.zldnn.com/ , http://www.dnnarticle.com/‎ Vendor advisory:...