DotNetNuke CMS version 9.4.4 suffers from zip split issue where a directory traversal attack can be performed to overwrite files or execute malicious code.
d7f640e068cc427c77cf0775692e1b37581935a6fffb794aa7b0884bad7c39e4DotNetNuke CMS version 9.5.0 suffers from file extension check bypass vulnerability that allows for arbitrary file upload.
3ebf9bd3e2a530a983c3320a442ce6dc9f95b838d5b8220e87da6bd1463f660bCross site scripting attacks can be launched against DotNetNuke CMS version 9.5.0 by uploading a malicious XML file.
684ec5f82a14d391aa0415bab3df31b22c06b2ee51e1001641a742fe6b4c2b9eDotNetNuke DNNArticle module versions 10.0 and below suffer from a remote SQL injection vulnerability.
3418ca4d1ae20f2fa6d4bc50f7515ed9bbbff0fa1ebe71846e7fb3de94fd2c36DotNetNuke (DNN) versions prior to 7.1.0 and 6.2.8 suffer from a cross site scripting vulnerability.
d5fce71c870f5c7156d287f5104511526b84a26432231c7c2bdefd7c00f5a00eEttercap versions 0.7.5.1, 0.7.5, and 0.7.4 and below suffer from a stack overflow vulnerability. Version 0.7.4.1 is not affected.
441cfdeb1206f31b83110efd5e60a48cc510f71789d13efdc3787ca345080ca6MailEnable Professional and Enterprise versions are prone to cross site scripting vulnerabilities as the user-supplied input received via the "Username" parameter of the "ForgottonPassword.aspx" page is not properly sanitized. Versions 4.2.6 and below, 5.52 and below and 6.02 and below are affected.
cab4ee58932f48fbb2493be671b4513aaa7da0caa31bfdb2f95731c6adf0d732
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed