|
3231
|
- |
|
dnnsoftware
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in EditModule.aspx for DotNetNuke (formerly IBuySpy Workshop) 1.0.6 through 1.0.10d allows remote attackers to inject arbitrary web script or HTML.
|
NVD-CWE-Other
|
CVE-2004-2325
|
2026-04-25 02:34 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3232
|
- |
|
dnnsoftware
|
dotnetnuke
|
Multiple cross-site scripting (XSS) vulnerabilities in DotNetNuke before 3.0.12 allow remote attackers to inject arbitrary web script or HTML via the (1) register a new user page, (2) User-Agent, or …
|
NVD-CWE-Other
|
CVE-2005-0040
|
2026-04-25 02:34 |
2005-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3233
|
- |
|
dnnsoftware
|
dotnetnuke
|
** UNVERIFIABLE ** Unspecified vulnerability in an unspecified DNN Modules module for DotNetNuke (.net nuke) allows remote attackers to gain privileges via unspecified vectors, as used in an attack …
|
NVD-CWE-Other
|
CVE-2006-3601
|
2026-04-25 02:34 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3234
|
- |
|
dnnsoftware
|
dotnetnuke
|
** NO VERIFICABLE ** Vulnerabilidad no especificada en en un módulo DNN Modules no especificado para DotNetNuke (.net nuke) permiten a atacantes remotos obtener privilegios mediante vectores no espec…
|
NVD-CWE-Other
|
CVE-2006-3601
|
2026-04-25 02:34 |
2006-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3235
|
- |
|
dnnsoftware
|
dotnetnuke
|
Cross-site scripting (XSS) vulnerability in Default.aspx in Perpetual Motion Interactive Systems DotNetNuke before 3.3.5, and 4.x before 4.3.5, allows remote attackers to inject arbitrary HTML via th…
|
NVD-CWE-Other
|
CVE-2006-4973
|
2026-04-25 02:34 |
2006-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3236
|
- |
|
dnnsoftware
|
dotnetnuke
|
Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Default.aspx en Perpetual Motion Interactive Systems DotNetNuke anteriores a 3.3.5, y 4.x anteriores a 4.3.5, permite a un atacant…
|
NVD-CWE-Other
|
CVE-2006-4973
|
2026-04-25 02:34 |
2006-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3237
|
- |
|
dnnsoftware
|
dotnetnuke
|
Unspecified vulnerability in DotNetNuke 4.5.2 through 4.9 allows remote attackers to "add additional roles to their user account" via unknown attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6399
|
2026-04-25 02:34 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3238
|
- |
|
dnnsoftware
|
dotnetnuke
|
Vulnerabilidad no especificada en DotNetNuke v4.5.2 hasta v4.9 permite a atacantes remotos "añadir reglas adicionales de sus cuentas de usuario" a través de vectores de ataque desconocidos.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6399
|
2026-04-25 02:34 |
2009-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3239
|
- |
|
dnnsoftware
|
dotnetnuke
|
DotNetNuke before 4.8.2, during installation or upgrade, does not warn the administrator when the default (1) ValidationKey and (2) DecryptionKey values cannot be modified in the web.config file, whi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6540
|
2026-04-25 02:34 |
2009-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3240
|
- |
|
dnnsoftware
|
dotnetnuke
|
DotNetNuke anteriores a v4.8.2, durante la instalación o actualización, no avisan al administrador que los valores (1) ValidationKey y (2) DecryptionKey no pueden ser modificados en el fichero web.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-6540
|
2026-04-25 02:34 |
2009-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
