CVE-2008-6541

EUVD-2008-6507
Unrestricted file upload vulnerability in the file manager module in DotNetNuke before 4.8.2 allows remote administrators to upload arbitrary files and gain privileges to the server via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
Affected Products (NVD)
VendorProductVersion
dotnetnukedotnetnuke
𝑥
≤ 4.8.1
dotnetnukedotnetnuke
1.0.6
dotnetnukedotnetnuke
1.0.7
dotnetnukedotnetnuke
1.0.8
dotnetnukedotnetnuke
1.0.9
dotnetnukedotnetnuke
1.0.10d:d
dotnetnukedotnetnuke
1.0.10e:e
dotnetnukedotnetnuke
2.1.1
dotnetnukedotnetnuke
2.1.2
dotnetnukedotnetnuke
3.0.7
dotnetnukedotnetnuke
3.0.8
dotnetnukedotnetnuke
3.0.11
dotnetnukedotnetnuke
3.1.0
dotnetnukedotnetnuke
3.3.5
dotnetnukedotnetnuke
4.0
dotnetnukedotnetnuke
4.3.5
dotnetnukedotnetnuke
4.5.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/43719
http://secunia.com/advisories/29488
http://www.dotnetnuke.com/News/SecurityBulletins/SecurityBulletinno11/tabid/1147/Default.aspx
http://www.securityfocus.com/bid/28438
http://osvdb.org/43719
http://secunia.com/advisories/29488
http://www.dotnetnuke.com/News/SecurityBulletins/SecurityBulletinno11/tabid/1147/Default.aspx
http://www.securityfocus.com/bid/28438