CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-5187

HIGH
8.8
CVSS Severity Score
EPSS Score0.1690%
EPSS Percentile17.42th
Published2020年2月24日
Last Modified2024年11月21日

Vulnerability Description

DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2).

Affected Platforms (CPE)

📦
Dnnsoftware

Dotnetnuke

<= 9.4.4

References & Advisories

🔗 http://packetstormsecurity.com/files/156489/DotNetNuke-CMS-9.4.4-Zip-Directory-Traversal.html
🔗 https://github.com/dnnsoftware/Dnn.Platform/releases
🔗 https://medium.com/%40SajjadPourali/dnn-dotnetnuke-cms-not-as-secure-as-you-think-e8516f789175
🔗 http://packetstormsecurity.com/files/156489/DotNetNuke-CMS-9.4.4-Zip-Directory-Traversal.html
🔗 https://github.com/dnnsoftware/Dnn.Platform/releases
🔗 https://medium.com/%40SajjadPourali/dnn-dotnetnuke-cms-not-as-secure-as-you-think-e8516f789175

関連する脆弱性情報

CVE-2006-360110.0

** UNVERIFIABLE ** Unspecified vulnerability in an unspecified DNN Modules module for DotNetNuke (.net nuke) allows remote attack...

CVE-2015-27949.8

The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser a...

CVE-2019-193929.8

The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows an unprivileged user to import (create) new ...

CVE-2018-91269.8

The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently disco...