Vulnerabilities > Zldnn
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-04-04 | CVE-2018-9126 | Information Exposure vulnerability in Zldnn Dnnarticle 11 The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI. | 5.0 |
2014-03-12 | CVE-2013-5117 | SQL Injection vulnerability in Zldnn Dnnarticle SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in the ZLDNN DNNArticle module before 10.1 for DotNetNuke allows remote attackers to execute arbitrary SQL commands via the categoryid parameter. | 7.5 |