Lucene search
K

6 matches found

NVD
NVD
added 2025/04/09 4:15 p.m.21 views

CVE-2025-32373

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In limited configurations, registered users may be able to craft a request to enumerate/access some portal files they should not have access to. This vulnerability is fixed in 9.13.8...

6.5CVSS0.0034EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 3:14 p.m.9 views

CVE-2025-32373 DNN allows a registered user to enumerate and access files they should not have access to

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In limited configurations, registered users may be able to craft a request to enumerate/access some portal files they should not have access to. This vulnerability is fixed in 9.13.8...

6.5CVSS6.6AI score0.0034EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 3:14 p.m.62 views

CVE-2025-32373

CVE-2025-32373 affects DNN (DotNetNuke) in the Microsoft ecosystem. In limited configurations, registered users may craft a request to enumerate or access portal files they should not have access to. The issue is fixed in version 9.13.8. Remediation: upgrade to 9.13.8 or newer to resolve the vuln...

6.5CVSS6.2AI score0.0034EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/04/09 3:14 p.m.76 views

CVE-2025-32372

CVE-2025-32372 : DNN (DotNetNuke) exposes a bypass of CVE-2017-0929 enabling unauthenticated, semi‑blind SSRF via arbitrary GET requests to internal or external URLs. Public sources reference this as a server-side request forgery affecting DNN, with a fixed revision in 9.13.8; Nessus/NVD entries ...

7.5CVSS6.7AI score0.00335EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/04/08 6:6 p.m.68 views

CVE-2025-32036

CVE-2025-32036 affects DNN (DotNetNuke) where the captcha generation algorithm has low complexity, enabling OCR-based bypass of CAPTCHA. Multiple connected sources (PT-Security and Red Hat advisories) confirm the issue and identify the fixed version as 9.13.8, with prior versions vulnerable. Prac...

6.5CVSS6.8AI score0.00271EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/04/08 6:6 p.m.12 views

CVE-2025-32036 DNN allows the possibility of bypassing Captcha

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. The algorithm used to generate the captcha image shows the least complexity of the desired image. For this reason, the created image can be easily read by OCR tools, and the intruder can send...

4.2CVSS0.00271EPSS
Exploits0References2
Rows per page
Query Builder