CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

41 matches found

CNNVD•added 2026/01/28 12:0 a.m.•5 views

DNN Cross-Site Scripting Vulnerabilities

DNN also known as DotNetNuke is an open-source content management system CMS developed by the American company DNN, supported by Microsoft and based on the ASP.NET platform. This system features easy installation, scalability, and rich functionality. Versions of DNN prior to 9.13.10 and 10.2.0...

7.6CVSS5.6AI score0.00174EPSS

Exploits0References1

ATTACKERKB•added 2026/01/27 11:53 p.m.•4 views

CVE-2026-24837

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a module friendly name could include scripts that will run during some module operations in the Persona Bar. Versions 9.13....

7.6CVSS5.9AI score0.00249EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2026/01/09 11:23 a.m.•6 views

CVE-2021-31858

DotNetNuke DNN 9.9.1 CMS is vulnerable to a Stored Cross-Site Scripting vulnerability in the user profile biography section which allows remote authenticated users to inject arbitrary code via a crafted payload...

5.4CVSS6AI score0.00527EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:24 a.m.•8 views

CVE-2008-6399

Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows remote attackers to "add additional roles to their user account" via unknown attack vectors...

6.4CVSS7.1AI score0.01953EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:26 a.m.•5 views

CVE-2019-12562

Stored Cross-Site Scripting in DotNetNuke DNN Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding users, uploading backdoors to...

6.1CVSS5.9AI score0.06124EPSS

Exploits6References1

Positive Technologies•added 2025/10/28 12:0 a.m.•5 views

PT-2025-44221

Name of the Vulnerable Software and Affected Versions DNN formerly DotNetNuke versions prior to 10.1.1 Description DNN formerly DotNetNuke is an open-source web content management platform. The default HTML editor provider allows unauthenticated file uploads, enabling attackers to overwrite...

10CVSS5.8AI score0.44185EPSS

Exploits3References37