| CVE-2015-2794 |
critical |
9.8 |
9.8 |
|
|
|
9y ago |
The installation wizard in DotNetNuke (DNN) allows privilege escalation |
| CVE-2016-7119 |
medium |
5.4 |
5.4 |
|
|
|
10y ago |
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN) |
| CVE-2015-1566 |
medium |
— |
4.3 |
|
|
|
12y ago |
Moderate severity vulnerability that affects DotNetNuke.Core |
| CVE-2013-7335 |
medium |
— |
4.3 |
|
|
|
12y ago |
DotNetNuke (DNN) Open redirect vulnerability |
| CVE-2013-4649 |
medium |
— |
4.3 |
|
|
|
12y ago |
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter |
| CVE-2018-15811 |
unknown |
— |
2.5 |
|
|
|
7y ago |
DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. |
| CVE-2018-18325 |
unknown |
— |
2.5 |
|
|
|
7y ago |
DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch f… |
| CVE-2017-9822 |
unknown |
— |
2.5 |
|
|
|
8y ago |
DotNetNuke (DNN) contains a vulnerability that may allow for remote code execution via cookie deserialization. |