| Max CVSS | 6.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-15811 | 5.0 |
DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.
|
03-03-2023 - 20:47 | 03-07-2019 - 17:15 | |
| CVE-2018-15812 | 5.0 |
DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.
|
03-03-2023 - 20:47 | 03-07-2019 - 17:15 | |
| CVE-2018-18326 | 5.0 |
DNN (aka DotNetNuke) 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812.
|
03-03-2023 - 20:46 | 03-07-2019 - 17:15 | |
| CVE-2018-18325 | 5.0 |
DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.
|
03-03-2023 - 20:46 | 03-07-2019 - 17:15 | |
| CVE-2020-5188 | 4.0 |
DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions.
|
21-07-2021 - 11:39 | 24-02-2020 - 15:15 | |
| CVE-2020-5187 | 6.5 |
DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2).
|
24-02-2020 - 21:23 | 24-02-2020 - 15:15 | |
| CVE-2020-5186 | 3.5 |
DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2).
|
24-02-2020 - 21:16 | 24-02-2020 - 15:15 |