Summary
The host is installed with DotNetNuke and is prone to security bypass vulnerability.
Impact
Successful exploitation could allows remote attackers to gain administrative privileges or compromise the affected system.
Impact Level: Application
Solution
Upgrade to DotNetNuke version 4.9.0 or latest
For updates refer to http://www.dotnetnuke.com/
Insight
The vulnerability is caused due improper validation of user data passed via unspecified parameters before being used to load skin files.
Affected
DotNetNuke versions 2.0 to 4.8.4.
References
Severity
Classification
-
CVE CVE-2008-7102 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities