Lucene search
Veracode Vulnerability DatabaseVERACODE:22572HistoryFeb 25, 2020 - 6:40 a.m.
Directory Traversal
2020-02-2506:40:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
EPSS
0.01
Percentile
83.9%
DNN is vulnerable to directory traversal. A zip slip vulnerability due to the lack of validation of file names in a zip file allows an attacker to write or overwrite arbitrary files on the system.
References
packetstormsecurity.com/files/156489/DotNetNuke-CMS-9.4.4-Zip-Directory-Traversal.html
github.com/dnnsoftware/Dnn.Platform/commit/da88efaac1728709f7432fc018f6289423276c8e
github.com/dnnsoftware/Dnn.Platform/releases
medium.com/@SajjadPourali/dnn-dotnetnuke-cms-not-as-secure-as-you-think-e8516f789175
packetstormsecurity.com/files/156489/DotNetNuke-CMS-9.4.4-Zip-Directory-Traversal.html
Related
osv
osv
CVE-2020-5187
2020-02-24 15:15:11
DNN Path Traversal via Zip Slip
2022-05-24 17:09:34
prion
prion
Path traversal
2020-02-24 15:15:00
cve
cve
CVE-2020-5187
2020-02-24 15:15:11
cvelist
cvelist
CVE-2020-5187
2020-02-24 14:22:46
github
github
DNN Path Traversal via Zip Slip
2022-05-24 17:09:34
nvd
nvd
CVE-2020-5187
2020-02-24 15:15:11
packetstorm
packetstorm
DotNetNuke CMS 9.4.4 Zip Directory Traversal
2020-02-24 00:00:00