Vulnerabilities > Dnnsoftware > Dotnetnuke > 9.3.2

DATE CVE VULNERABILITY TITLE RISK
2022-09-30 CVE-2022-2922 Path Traversal vulnerability in Dnnsoftware Dotnetnuke
Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0.
network
low complexity
dnnsoftware CWE-22
4.9
4.9
2022-06-02 CVE-2021-40186 Server-Side Request Forgery (SSRF) vulnerability in Dnnsoftware Dotnetnuke
The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within the DNN CMS platform, formerly known as DotNetNuke.
network
low complexity
dnnsoftware CWE-918
5.0
5.0
2020-02-24 CVE-2020-5188 Unrestricted Upload of File with Dangerous Type vulnerability in Dnnsoftware Dotnetnuke
DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions.
network
low complexity
dnnsoftware CWE-434
6.5
6.5
2020-02-24 CVE-2020-5187 Path Traversal vulnerability in Dnnsoftware Dotnetnuke
DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2).
network
low complexity
dnnsoftware CWE-22
8.8
8.8
2020-02-24 CVE-2020-5186 Cross-site Scripting vulnerability in Dnnsoftware Dotnetnuke
DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2).
network
low complexity
dnnsoftware CWE-79
5.4
5.4
2019-09-26 CVE-2019-12562 Cross-site Scripting vulnerability in Dnnsoftware Dotnetnuke
Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. 		4.3
4.3