Dnnsoftware: >> Dotnetnuke >> 9.1.1 Security Vulnerabilities
DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.
CVSS Score
7.5
EPSS Score
0.926
Published
2018-07-03
** UNVERIFIABLE ** Unspecified vulnerability in an unspecified DNN Modules module for DotNetNuke (.net nuke) allows remote attackers to gain privileges via unspecified vectors, as used in an attack against the Microsoft France web site. NOTE: due to the lack of details and uncertainty about which product is affected, this claim is not independently verifiable.
CVSS Score
10.0
EPSS Score
0.011
Published
2006-07-18
Page 5