CVE-2008-6541
DotNetNuke < 4.8.2 - Authenticated Arbitrary File Upload via File Manager Module
Title source: llmDescription
Unrestricted file upload vulnerability in the file manager module in DotNetNuke before 4.8.2 allows remote administrators to upload arbitrary files and gain privileges to the server via unspecified vectors.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www.dotnetnuke.com/News/SecurityBulletins/SecurityBulletinno11/tabid/1147/Default.aspx
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29488
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/43719
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28438
Scores
EPSS
0.0101
EPSS Percentile
58.9%
Details
CWE
CWE-20
Status
published
Products (34)
dnnsoftware/dotnetnuke
1.0.6
dnnsoftware/dotnetnuke
1.0.7
dnnsoftware/dotnetnuke
1.0.8
dnnsoftware/dotnetnuke
1.0.9
dnnsoftware/dotnetnuke
1.0.10d
dnnsoftware/dotnetnuke
1.0.10e
dnnsoftware/dotnetnuke
2.1.1
dnnsoftware/dotnetnuke
2.1.2
dnnsoftware/dotnetnuke
3.0.7
dnnsoftware/dotnetnuke
3.0.8
... and 24 more
Published
Mar 30, 2009
Tracked Since
Feb 18, 2026