| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-9822 | 6.5 |
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."
|
03-04-2020 - 05:15 | 20-07-2017 - 12:29 | |
| CVE-2015-2794 | 7.5 |
The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser access via a direct request to Install/InstallWizard.aspx.
|
02-03-2017 - 02:59 | 06-02-2017 - 15:59 | |
| CVE-2016-7119 | 3.5 |
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN) before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted onclick attribute in an IMG element.
|
28-11-2016 - 20:37 | 31-08-2016 - 14:59 |