Unspecified vulnerability in the Skin Manager in DotNetNuke before 4.8.2 allows remote authenticated administrators to perform server-side execution of application logic by uploading a static file that is converted into a dynamic script via unknown vectors related to HTM or HTML files.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Dotnetnuke | Dotnetnuke | * | 4.8.1 (including) |
| Dotnetnuke | Dotnetnuke | 1.0.6 (including) | 1.0.6 (including) |
| Dotnetnuke | Dotnetnuke | 1.0.7 (including) | 1.0.7 (including) |
| Dotnetnuke | Dotnetnuke | 1.0.8 (including) | 1.0.8 (including) |
| Dotnetnuke | Dotnetnuke | 1.0.9 (including) | 1.0.9 (including) |
| Dotnetnuke | Dotnetnuke | 1.0.10d (including) | 1.0.10d (including) |
| Dotnetnuke | Dotnetnuke | 1.0.10e (including) | 1.0.10e (including) |
| Dotnetnuke | Dotnetnuke | 2.1.1 (including) | 2.1.1 (including) |
| Dotnetnuke | Dotnetnuke | 2.1.2 (including) | 2.1.2 (including) |
| Dotnetnuke | Dotnetnuke | 3.0.7 (including) | 3.0.7 (including) |
| Dotnetnuke | Dotnetnuke | 3.0.8 (including) | 3.0.8 (including) |
| Dotnetnuke | Dotnetnuke | 3.0.11 (including) | 3.0.11 (including) |
| Dotnetnuke | Dotnetnuke | 3.1.0 (including) | 3.1.0 (including) |
| Dotnetnuke | Dotnetnuke | 4.0 (including) | 4.0 (including) |
| Dotnetnuke | Dotnetnuke | 4.5.2 (including) | 4.5.2 (including) |