CVE-2018-9126

CRITICAL

DNNArticle 11 for DNN - Unauthenticated Sensitive Information Exposure via GetCSS.ashx URI

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-9126. PoCs published by Esmaeil Rahimian.

AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in the DNNArticle module for DNN (DotNetNuke) that allows remote attackers to read the web.config file via a crafted URI. The PoC demonstrates how an attacker can access sensitive database credentials.

Description

The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI.

Exploits (1)

exploitdb WRITEUP
by Esmaeil Rahimian · textwebappswindows
https://www.exploit-db.com/exploits/44414

The exploit describes a directory traversal vulnerability in the DNNArticle module for DNN (DotNetNuke) that allows remote attackers to read the web.config file via a crafted URI. The PoC demonstrates how an attacker can access sensitive database credentials.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: DNNArticle Module for DNN (DotNetNuke) - Version 11
No auth needed
Prerequisites: Access to the target DNN instance with the vulnerable DNNArticle module installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/146999/DotNetNuke-DNNarticle-Directory-Traversal.html
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44414/

Scores

CVSS v3 9.8
EPSS 0.5024
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-200
Status published
Products (1)
zldnn/dnnarticle 11
Published Apr 04, 2018
Tracked Since Feb 18, 2026