Vulnerabilidades em dnnsoftware
34 resultadosCVE-2025-64095CRITICALDNN Insufficient Access Control - Image Upload allows for Site Content OverwriteEPSS 44.2%CVE-2025-52488HIGHDNN.PLATFORM leaks NTLM hash via SMB Share Interaction with malicious user inputEPSS 29.3%CVE-2026-40321HIGHDotNetNuke.Core has stored cross-site-scripting (XSS) via SVG uploadEPSS 7.6%CVE-2021-40186MEDIUMDNN CMS Server-Side Request Forgery (SSRF)EPSS 1.0%CVE-2022-2922MEDIUMRelative Path Traversal in dnnsoftware/dnn.platformEPSS 1.0%CVE-2025-59545CRITICALDNN Vulnerable to Stored Cross-Site Scripting (XSS) in the Prompt moduleEPSS 0.5%CVE-2025-59535MEDIUMDotNetNuke.Core allows loading of unused themes on anonymous clients through query parametersEPSS 0.3%CVE-2025-32374MEDIUMPossible Denial of Service (DoS) in DNN.PLATFORM registrationEPSS 0.3%CVE-2025-32372MEDIUMServer-Side Request Forgery (SSRF) in DotNetNuke.CoreEPSS 0.3%CVE-2025-32373MEDIUMDNN allows a registered user to enumerate and access files they should not have access toEPSS 0.3%CVE-2025-52487HIGHDNN.PLATFORM possibly allows bypass of IP FiltersEPSS 0.3%CVE-2020-37103MEDIUMDotNetNuke 9.5 - Persistent Cross-Site ScriptingEPSS 0.3%CVE-2025-32036MEDIUMDNN allows the possibility of bypassing CaptchaEPSS 0.3%CVE-2026-24837HIGHDotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation ModalEPSS 0.2%CVE-2025-59547MEDIUMDNN's CKEditor File Uploader functionality vulnerable through Unicode obfuscationEPSS 0.2%CVE-2025-32371MEDIUMUnexpected external content may be displayed in DNN ImageHandlerEPSS 0.2%CVE-2025-48378MEDIUMDnn.Platform vulnerable to Stored Cross-Site Scripting (XSS) with svg files rendered inlineEPSS 0.2%CVE-2026-24836HIGHDotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotesEPSS 0.2%CVE-2025-48376LOWDnn.Platform's Site Import could use an external source with a crafted requestEPSS 0.2%CVE-2025-52486MEDIUMDNN.PLATFORM Allows Reflected Cross-Site Scripting (XSS) in some TokenReplace situations with SkinObjectsEPSS 0.2%