QwikSec

Security Database

CVE

CWE

Training

CVE-2008-6542

Published: Mar 30, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Unspecified vulnerability in the Skin Manager in DotNetNuke before 4.8.2 allows remote authenticated administrators to perform "server-side execution of application logic" by uploading a static file that is converted into a dynamic script via unknown vectors related to HTM or HTML files.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.dotnetnuke.com/News/SecurityBulletins/SecurityBulletinno13/tabid/1149/Default.aspx

x_refsource_CONFIRM

dotnetnuke-skinmanager-unspecified(49767)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.