Vulnerability Database
Blog
FAQ
Docs
CVE-2018-15811
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-15811
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-15811.json
Aliases
GHSA-h595-8pw6-5q6v
Published
2019-07-03T17:15:10Z
Modified
2023-11-29T06:28:17.275771Z
Details
DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.
References
http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html
https://www.dnnsoftware.com/community/security/security-center
https://github.com/dnnsoftware/Dnn.Platform/releases
Affected packages
Git
/
github.com/dnnsoftware/dnn.platform
Affected ranges
Type
GIT
Repo
https://github.com/dnnsoftware/dnn.platform
Events
Introduced
230f949b98ef1f4d456dbd891f21b4f5ffdf6bb9
Last affected
cbb869e0a4ef1a08908ac73c6d55edf9c7db0b88
Affected versions
v9.*
v9.2.0
v9.2.1
v9.2.1-rc0
v9.2.1-rc1
CVE-2018-15811 - OSV