Vulnerabilities > Dnnsoftware > Dotnetnuke > 9.2.0

DATE CVE VULNERABILITY TITLE RISK
2019-07-03 CVE-2018-15812 Insufficient Entropy vulnerability in Dnnsoftware Dotnetnuke 9.2/9.2.0/9.2.1
DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy.
network
low complexity
dnnsoftware CWE-331
7.5
7.5
2019-07-03 CVE-2018-15811 Inadequate Encryption Strength vulnerability in Dnnsoftware Dotnetnuke 9.2/9.2.0/9.2.1
DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.
network
low complexity
dnnsoftware CWE-326
7.5
7.5