6 matches found
CVE-2025-32373
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In limited configurations, registered users may be able to craft a request to enumerate/access some portal files they should not have access to. This vulnerability is fixed in 9.13.8...
CVE-2025-32373 DNN allows a registered user to enumerate and access files they should not have access to
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In limited configurations, registered users may be able to craft a request to enumerate/access some portal files they should not have access to. This vulnerability is fixed in 9.13.8...
CVE-2025-32373
CVE-2025-32373 affects DNN (DotNetNuke) in the Microsoft ecosystem. In limited configurations, registered users may craft a request to enumerate or access portal files they should not have access to. The issue is fixed in version 9.13.8. Remediation: upgrade to 9.13.8 or newer to resolve the vuln...
CVE-2025-32372
CVE-2025-32372 : DNN (DotNetNuke) exposes a bypass of CVE-2017-0929 enabling unauthenticated, semi‑blind SSRF via arbitrary GET requests to internal or external URLs. Public sources reference this as a server-side request forgery affecting DNN, with a fixed revision in 9.13.8; Nessus/NVD entries ...
CVE-2025-32036
CVE-2025-32036 affects DNN (DotNetNuke) where the captcha generation algorithm has low complexity, enabling OCR-based bypass of CAPTCHA. Multiple connected sources (PT-Security and Red Hat advisories) confirm the issue and identify the fixed version as 9.13.8, with prior versions vulnerable. Prac...
CVE-2025-32036 DNN allows the possibility of bypassing Captcha
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. The algorithm used to generate the captcha image shows the least complexity of the desired image. For this reason, the created image can be easily read by OCR tools, and the intruder can send...