DNN is vulnerable to directory traversal. A zip slip vulnerability due to the lack of validation of file names in a zip file allows an attacker to write or overwrite arbitrary files on the system.
packetstormsecurity.com/files/156489/DotNetNuke-CMS-9.4.4-Zip-Directory-Traversal.html
github.com/dnnsoftware/Dnn.Platform/commit/da88efaac1728709f7432fc018f6289423276c8e
github.com/dnnsoftware/Dnn.Platform/releases
medium.com/@SajjadPourali/dnn-dotnetnuke-cms-not-as-secure-as-you-think-e8516f789175
packetstormsecurity.com/files/156489/DotNetNuke-CMS-9.4.4-Zip-Directory-Traversal.html