2 matches found
Arbitrary File Upload
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Arbitrary File Upload via the HTML editor provider. An attacker can overwrite existing files and potentially deface a website or...
Insecure Default Initialization of Resource
Overview DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the CKEditor Provider. An attacker can upload unauthorized files by accessing the...