Dotnetnuke Security Vulnerabilities and Issues — Dotnetnuke CVE List

Lucene search

DnnsoftwareDotnetnuke

6 matches found

CVE•added 2019/07/03 5:15 p.m.•1080 views

CVE-2018-15811

DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.

7.5CVSS7.3AI score0.76118EPSS

CVE•added 2019/07/03 5:15 p.m.•1059 views

CVE-2018-18325

DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.

7.5CVSS7.5AI score0.76118EPSS

CVE•added 2019/07/03 5:15 p.m.•236 views

CVE-2018-15812

DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.

7.5CVSS7.4AI score0.78183EPSS

CVE•added 2019/09/26 8:15 p.m.•164 views

CVE-2019-12562

Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding users, uploading backdoors to ...

6.1CVSS5.7AI score0.38668EPSS

CVE•added 2019/07/03 5:15 p.m.•146 views

CVE-2018-18326

DNN (aka DotNetNuke) 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812.

7.5CVSS7.6AI score0.78183EPSS

CVE•added 2019/03/21 4:0 p.m.•36 views

CVE-2018-14486

DNN (formerly DotNetNuke) 9.1.1 allows cross-site scripting (XSS) via XML.

6.1CVSS6AI score0.00479EPSS