CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dnnsoftware: >> Dotnetnuke >> 9.2.0 Security Vulnerabilities

CVE-2018-18325

Known exploited

DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811.

CVSS Score

7.5

EPSS Score

0.761

Published

2019-07-03

CVE-2018-18326

DNN (aka DotNetNuke) 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812.

CVSS Score

7.5

EPSS Score

0.765

Published

2019-07-03

Page 2

Vulnerabilities

Vulnerable Software

Dnnsoftware: >> Dotnetnuke >> 9.2.0 Security Vulnerabilities

Products

Pricing

Contact Us