Vulnerabilities > CVE-2006-3601 - Security vulnerability in DotNetNuke
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
** UNVERIFIABLE ** Unspecified vulnerability in an unspecified DNN Modules module for DotNetNuke (.net nuke) allows remote attackers to gain privileges via unspecified vectors, as used in an attack against the Microsoft France web site. NOTE: due to the lack of details and uncertainty about which product is affected, this claim is not independently verifiable.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | CGI abuses |
NASL id | BDPDT_CMD_EXEC.NASL |
description | The remote host contains BDPDT, a database abstraction layer used in various add-on modules for DotNetNuke. The installed version of the BDPDT contains an ASP.NET script that allows an unauthenticated attacker to gain control of the affected host by allowing uploading arbitrary files with the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 21747 |
published | 2006-06-23 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/21747 |
title | BDPDT for DotNetNuke (.net nuke) uploadfilepopup.aspx File Upload Privilege Escalation |