|
3271
|
- |
|
dnnsoftware
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to inject arbitrary web script or HTML via the __dnnVariable parameter to the de…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4649
|
2026-04-25 02:34 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3272
|
- |
|
dnnsoftware
|
dotnetnuke
|
Vulnerabilidad de XSS en DotNetNuke (DNN) anterior a 6.2.9 y 7.x anterior a 7.1.1 permite a atacantes remotos inyectar script Web o HTML arbitrarios a través del parámetro __dnnVariable hacia la URI …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4649
|
2026-04-25 02:34 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3273
|
- |
|
dnnsoftware
|
dotnetnuke
|
Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2013-7335
|
2026-04-25 02:34 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3274
|
- |
|
dnnsoftware
|
dotnetnuke
|
Vulnerabilidad de redirección abierta en DotNetNuke (DNN) anterior a 6.2.9 y 7.x anterior a 7.1.1 permite a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phi…
|
CWE-20
Improper Input Validation
|
CVE-2013-7335
|
2026-04-25 02:34 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3275
|
- |
|
dnnsoftware
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 7.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1566
|
2026-04-25 02:34 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3276
|
- |
|
dnnsoftware
|
dotnetnuke
|
Vulnerabilidad de XSS en DotNetNuke (DNN) anterior a 7.4.0 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de vectores no especificados.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1566
|
2026-04-25 02:34 |
2015-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3277
|
5.4 |
MEDIUM
Network
|
dnnsoftware
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN) before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted …
|
CWE-79
Cross-site Scripting
|
CVE-2016-7119
|
2026-04-25 02:34 |
2016-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3278
|
5.4 |
MEDIUM
Network
|
dnnsoftware
|
dotnetnuke
|
Vulnerabilidad de XSS en la sección de biografía del perfil del usuario en DotNetNuke (DNN) en versiones anteriores a 8.0.1 permite a usuarios remotos autenticados inyectar secuencias de comandos web…
|
CWE-79
Cross-site Scripting
|
CVE-2016-7119
|
2026-04-25 02:34 |
2016-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3279
|
9.8 |
CRITICAL
Network
|
dnnsoftware
|
dotnetnuke
|
The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser access via a direct request to Install/InstallWizard.aspx.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2794
|
2026-04-25 02:34 |
2017-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3280
|
9.8 |
CRITICAL
Network
|
dnnsoftware
|
dotnetnuke
|
El asistente de instalación en DotNetNuke (DNN) en versiones anteriores a 7.4.1 permite a atacantes remotos reinstalar la aplicación y obtener acceso SuperUser a través de una solicitud directa a Ins…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2794
|
2026-04-25 02:34 |
2017-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
