What is the severity of CVE-2008-7102?

CVE-2008-7102 has a medium severity due to its potential for allowing remote attackers to access sensitive functionality.

How do I fix CVE-2008-7102?

To fix CVE-2008-7102, update your DotNetNuke installation to version 4.9.0 or later which addresses this vulnerability.

What are the affected versions for CVE-2008-7102?

CVE-2008-7102 affects DotNetNuke versions from 2.0 up to and including 4.8.4.

What type of vulnerability is CVE-2008-7102?

CVE-2008-7102 is classified as a vulnerability that allows remote file inclusion due to improper parameter validation.

Can I still use DotNetNuke versions affected by CVE-2008-7102?

Using affected versions of DotNetNuke is not recommended as they are vulnerable to potential exploitation.

Vulnerability/
CVE-2008-7102

high

7.5

CWE

27/8/2009

7/8/2024

CVE-2008-7102: Input Validation

First published: Thu Aug 27 2009(Updated: )

DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
DNN (DotNetNuke)	=2.1.1
DNN (DotNetNuke)	=2.1.2
DNN (DotNetNuke)	=3.0.7
DNN (DotNetNuke)	=3.0.8
DNN (DotNetNuke)	=3.0.11
DNN (DotNetNuke)	=3.1.0
DNN (DotNetNuke)	=3.3.5
DNN (DotNetNuke)	=4.0
DNN (DotNetNuke)	=4.3.5
DNN (DotNetNuke)	=4.4.1
DNN (DotNetNuke)	=4.5.2
DNN (DotNetNuke)	=4.5.4
DNN (DotNetNuke)	=4.5.5
DNN (DotNetNuke)	=4.6.0
DNN (DotNetNuke)	=4.6.1
DNN (DotNetNuke)	=4.6.2
DNN (DotNetNuke)	=4.7.0
DNN (DotNetNuke)	=4.8.0
DNN (DotNetNuke)	=4.8.1
DNN (DotNetNuke)	=4.8.2
DNN (DotNetNuke)	=4.8.3
DNN (DotNetNuke)	=4.8.4

Remedy

http://www.dotnetnuke.com/News/SecurityPolicy/Securitybulletinno23/tabid/1176/Default.aspx

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-7102?
CVE-2008-7102 has a medium severity due to its potential for allowing remote attackers to access sensitive functionality.
How do I fix CVE-2008-7102?
To fix CVE-2008-7102, update your DotNetNuke installation to version 4.9.0 or later which addresses this vulnerability.
What are the affected versions for CVE-2008-7102?
CVE-2008-7102 affects DotNetNuke versions from 2.0 up to and including 4.8.4.
What type of vulnerability is CVE-2008-7102?
CVE-2008-7102 is classified as a vulnerability that allows remote file inclusion due to improper parameter validation.
Can I still use DotNetNuke versions affected by CVE-2008-7102?
Using affected versions of DotNetNuke is not recommended as they are vulnerable to potential exploitation.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/weakness
agent/author
agent/remedy
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/dotnetnuke
canonical/dnn (dotnetnuke)
version/dnn (dotnetnuke)/2.1.1
version/dnn (dotnetnuke)/2.1.2
version/dnn (dotnetnuke)/3.0.7
version/dnn (dotnetnuke)/3.0.8
version/dnn (dotnetnuke)/3.0.11
version/dnn (dotnetnuke)/3.1.0
version/dnn (dotnetnuke)/3.3.5
version/dnn (dotnetnuke)/4.0
version/dnn (dotnetnuke)/4.3.5
version/dnn (dotnetnuke)/4.4.1
version/dnn (dotnetnuke)/4.5.2
version/dnn (dotnetnuke)/4.5.4
version/dnn (dotnetnuke)/4.5.5
version/dnn (dotnetnuke)/4.6.0
version/dnn (dotnetnuke)/4.6.1
version/dnn (dotnetnuke)/4.6.2
version/dnn (dotnetnuke)/4.7.0
version/dnn (dotnetnuke)/4.8.0
version/dnn (dotnetnuke)/4.8.1
version/dnn (dotnetnuke)/4.8.2
version/dnn (dotnetnuke)/4.8.3
version/dnn (dotnetnuke)/4.8.4