Shodan
Vulnerabilities
Vulnerable Software
Dnnsoftware:  >> Dotnetnuke  >> 9.2  Security Vulnerabilities
CVE-2018-18325
Known exploited
DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.
CVSS Score
7.5
EPSS Score
0.761
Published
2019-07-03
CVE-2018-18326
DNN (aka DotNetNuke) 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812.
CVSS Score
7.5
EPSS Score
0.765
Published
2019-07-03
CVE-2017-0929
DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.
CVSS Score
7.5
EPSS Score
0.917
Published
2018-07-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved