2 matches found
CVE-2018-9126
CVE-2018-9126 affects the DNNArticle module 11 for DotNetNuke. The vulnerability allows remote attackers to read the web.config via the URI /GetCSS.ashx/?CP=%2fweb.config, exposing database credentials and other config data. Exploit references exist (Exploit-DB, PacketStorm), confirming in-the-wi...
CVE-2013-5117
CVE-2013-5117 affects DotNetNuke DNNArticle Module (DNNArticleRSS.aspx); a SQL injection via the categoryid parameter in DNNArticleRSS.aspx before version 10.1 allows remote attackers to execute arbitrary SQL commands. Affects the DNNArticle module prior to 10.1; remediation is to upgrade to 10.1...