CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19392

The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows an unprivileged user to import (create) new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2019-19392

Fordnn » Usersexportimport » Version: N/A

cpe:2.3:a:fordnn:usersexportimport:-
Fordnn » Usersexportimport » Version: 1.0.0

cpe:2.3:a:fordnn:usersexportimport:1.0.0
Fordnn » Usersexportimport » Version: 1.1.0

cpe:2.3:a:fordnn:usersexportimport:1.1.0
Fordnn » Usersexportimport » Version: 1.1.1

cpe:2.3:a:fordnn:usersexportimport:1.1.1
Fordnn » Usersexportimport » Version: 1.1.2

cpe:2.3:a:fordnn:usersexportimport:1.1.2
Fordnn » Usersexportimport » Version: 1.1.3

cpe:2.3:a:fordnn:usersexportimport:1.1.3
Fordnn » Usersexportimport » Version: 1.1.4

cpe:2.3:a:fordnn:usersexportimport:1.1.4
Fordnn » Usersexportimport » Version: 1.1.5

cpe:2.3:a:fordnn:usersexportimport:1.1.5
Fordnn » Usersexportimport » Version: 1.1.7

cpe:2.3:a:fordnn:usersexportimport:1.1.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19392

Products

Pricing

Contact Us