|
2121
|
- |
|
dnnsoftware
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in the error handling page in DotNetNuke 4.6.2 through 4.8.3 allows remote attackers to inject arbitrary web script or HTML via the querystring parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2008-6733
|
2026-04-25 02:34 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2122
|
- |
|
dnnsoftware
|
dotnetnuke
|
Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la pagina de manejo de errores en DotNetNuke v4.6.2 hasta la v4.8.3 permite a atacantes remotos inyectar secuencias de comandos w…
|
CWE-79
Cross-site Scripting
|
CVE-2008-6733
|
2026-04-25 02:34 |
2009-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2123
|
- |
|
dnnsoftware
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypalipn.aspx in DotNetNuke (DNN) before 4.9.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2009-1366
|
2026-04-25 02:34 |
2009-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2124
|
- |
|
dnnsoftware
|
dotnetnuke
|
Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Website\admin\Sales\paypalipn.aspx en DotNetNuke (DNN) versiones anteriores v4.9.3 permite a atacantes remotos inyectar secuencias…
|
CWE-79
Cross-site Scripting
|
CVE-2009-1366
|
2026-04-25 02:34 |
2009-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2125
|
- |
|
dnnsoftware
|
dotnetnuke
|
Unspecified vulnerability in DotNetNuke 4.4.1 through 4.8.4 allows remote authenticated users to bypass authentication and gain privileges via unknown vectors related to a "unique id" for user action…
|
NVD-CWE-noinfo
|
CVE-2008-7100
|
2026-04-25 02:34 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2126
|
- |
|
dnnsoftware
|
dotnetnuke
|
Vulnerabilidad sin especificar en DotNetNuke v4.0 a la v4.8.4 y 5.0, permite a usuarios autenticados remotamente evitar la autenticación y obtener privilegios a través de vectores desconocidos relac…
|
NVD-CWE-noinfo
|
CVE-2008-7100
|
2026-04-25 02:34 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2127
|
- |
|
dnnsoftware
|
dotnetnuke
|
Unspecified vulnerability in DotNetNuke 4.0 through 4.8.4 and 5.0 allows remote attackers to obtain sensitive information (portal number) by accessing the install wizard page via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2008-7101
|
2026-04-25 02:34 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2128
|
- |
|
dnnsoftware
|
dotnetnuke
|
Vulnerabilidad sin especificar en DotNetNuke v4.0 a la v4.8.4 y 5.0, permite a atacantes remotos obtener información sensible (número de portal) accediendo a la página del asistente de instalación me…
|
NVD-CWE-noinfo
|
CVE-2008-7101
|
2026-04-25 02:34 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2129
|
- |
|
dnnsoftware
|
dotnetnuke
|
DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation.
|
CWE-20
Improper Input Validation
|
CVE-2008-7102
|
2026-04-25 02:34 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2130
|
- |
|
dnnsoftware
|
dotnetnuke
|
DotNetNuke v2.0 hasta v4.8.4 permite a los atacantes remotos cargar archivos .ascx en lugar de un archivo de piel (skin), y posiblemente acceso privilegiado a funcionalidades, a través de vectores de…
|
CWE-20
Improper Input Validation
|
CVE-2008-7102
|
2026-04-25 02:34 |
2009-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
