4 matches found
CVE-2020-5188
DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions.
CVE-2020-5187
DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2).
CVE-2020-5186
DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2).
CVE-2020-11585
There is an information disclosure issue in DNN (formerly DotNetNuke) 9.5 within the built-in Activity-Feed/Messaging/Userid/ Message Center module. A registered user is able to enumerate any file in the Admin File Manager (other than ones contained in a secure folder) by sending themselves a messa...