CVE-2008-6541

DotNetNuke < 4.8.2 - Authenticated Arbitrary File Upload via File Manager Module

Title source: llm
STIX 2.1

Description

Unrestricted file upload vulnerability in the file manager module in DotNetNuke before 4.8.2 allows remote administrators to upload arbitrary files and gain privileges to the server via unspecified vectors.

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29488
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/43719
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28438

Scores

EPSS 0.0101
EPSS Percentile 58.9%

Details

CWE
CWE-20
Status published
Products (34)
dnnsoftware/dotnetnuke 1.0.6
dnnsoftware/dotnetnuke 1.0.7
dnnsoftware/dotnetnuke 1.0.8
dnnsoftware/dotnetnuke 1.0.9
dnnsoftware/dotnetnuke 1.0.10d
dnnsoftware/dotnetnuke 1.0.10e
dnnsoftware/dotnetnuke 2.1.1
dnnsoftware/dotnetnuke 2.1.2
dnnsoftware/dotnetnuke 3.0.7
dnnsoftware/dotnetnuke 3.0.8
... and 24 more
Published Mar 30, 2009
Tracked Since Feb 18, 2026