DNN (DotNetNuke) - Unicode Path Normalization NTLM Hash Disclosure

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been...

DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution

DotNetNuke DNN versions between 5.0.0 - 9.3.0 are affected by a deserialization vulnerability that leads to remote code execution. id: CVE-2017-9822 info: name: DotNetNuke 5.0.0 - 9.3.0 - Cookie Deserialization Remote Code Execution author: milo2012 severity: high description: DotNetNuke DNN...

DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery

DotNetNuke aka DNN before 9.2.0 suffers from a server-side request forgery vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources. id: CVE-2017-0929 info: name: DotNetNuke DNN ImageHandler 9.2.0 - Server-Side Request Forgery author...

EUVD-2022-7070

Malicious code in bioql PyPI...

Dnnsoftware DotNetNuke Detection Consolidation

Consolidation of Dnnsoftware DotNetNuke detections. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc"; if description...

CVE-2022-2922

Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0...

Path traversal

Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0...

CVE-2022-2922 Relative Path Traversal in dnnsoftware/dnn.platform

Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0...

CVE-2022-2922

CVE-2022-2922 describes a Relative Path Traversal in the DotNetNuke/DNN platform (GitHub: dnnsoftware/dnn.platform) up to version 9.11.0 . The vulnerability arises from insufficient sanitization of user-controlled input, enabling an authenticated, remote attacker to craft a URI containing directo...

DNN &#40;DotNetNuke®&#41; eventscalendar Module Arbitrary File Download Vulnerability

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : DNN DotNetNuke® eventscalendar Module Arbitrary File Download Vulnerability Author : alieye vendor : http://www.invenmanager.com/ , http://store.dnnsoftware.com/ Contact : [email protected] Risk : High Class: Remote Google Dork:...

DNN &#40;DotNetNuke®&#41; CodeEditor Module Arbitrary File Download Vulnerability

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Title : DNN DotNetNuke® CodeEditor Module Arbitrary File Download Vulnerability Author : alieye vendor : http://www.mediaant.com/ , http://store.dnnsoftware.com/ Contact : [email protected] Risk : High Class: Remote Google Dork:...