DotNetNuke User-Agent String Application Logs HTML Injection Vulnerability

Bugtraq ID: 13646
Class: Input Validation Error
CVE: CVE-2005-0040
Remote: Yes
Local: No
Published: May 16 2005 12:00AM
Updated: Jul 12 2009 02:56PM
Credit: "Mark Woan" <m.woan@eris.qinetiq.com> is credited with the discovery of this vulnerability.
Vulnerable: DotNetNuke DotNetNuke 3.0.8
DotNetNuke DotNetNuke 3.0.7
DotNetNuke DotNetNuke 2.1.2
DotNetNuke DotNetNuke 2.1.1
DotNetNuke DotNetNuke 1.0.10 e
DotNetNuke DotNetNuke 1.0.10 d
DotNetNuke DotNetNuke 1.0.9
DotNetNuke DotNetNuke 1.0.8
DotNetNuke DotNetNuke 1.0.7
DotNetNuke DotNetNuke 1.0.6
Not Vulnerable: DotNetNuke DotNetNuke 3.1 .0


 

Privacy Statement
Copyright 2010, SecurityFocus