RSS   Vulnerabilities for 'Dnnarticle'   RSS

2018-04-04
 
CVE-2018-9126

CWE-200
 

 
The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI.

 
2014-03-12
 
CVE-2013-5117

CWE-89
 

 
SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in the ZLDNN DNNArticle module before 10.1 for DotNetNuke allows remote attackers to execute arbitrary SQL commands via the categoryid parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top