| Max CVSS | 6.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-15811 | 5.0 |
DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.
|
03-03-2023 - 20:47 | 03-07-2019 - 17:15 | |
| CVE-2018-15812 | 5.0 |
DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.
|
03-03-2023 - 20:47 | 03-07-2019 - 17:15 | |
| CVE-2018-18326 | 5.0 |
DNN (aka DotNetNuke) 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812.
|
03-03-2023 - 20:46 | 03-07-2019 - 17:15 | |
| CVE-2018-18325 | 5.0 |
DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.
|
03-03-2023 - 20:46 | 03-07-2019 - 17:15 | |
| CVE-2017-9822 | 6.5 |
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka "2017-08 (Critical) Possible remote code execution on DNN sites."
|
03-04-2020 - 05:15 | 20-07-2017 - 12:29 |