SQL injection vulnerability in DotNetNuke (formerly IBuySpy Workshop) 1.0.6 through 1.0.10d allows remote attackers to modify the backend database via the (1) table and (2) field parameters in LinkClick.aspx.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Dnnsoftware |
|
Configuration 1 [-]
|
No data.
No data.
References
History
Fri, 24 Apr 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Dnnsoftware
Dnnsoftware dotnetnuke |
|
| CPEs | cpe:2.3:a:dotnetnuke:dotnetnuke:1.0.6:*:*:*:*:*:*:* cpe:2.3:a:dotnetnuke:dotnetnuke:1.0.7:*:*:*:*:*:*:* cpe:2.3:a:dotnetnuke:dotnetnuke:1.0.8:*:*:*:*:*:*:* cpe:2.3:a:dotnetnuke:dotnetnuke:1.0.9:*:*:*:*:*:*:* |
cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.10d:*:*:*:*:*:*:* cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.6:*:*:*:*:*:*:* cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.7:*:*:*:*:*:*:* cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.8:*:*:*:*:*:*:* cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.9:*:*:*:*:*:*:* |
| Vendors & Products |
Dotnetnuke
Dotnetnuke dotnetnuke |
Dnnsoftware
Dnnsoftware dotnetnuke |
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-08T01:22:13.675Z
Reserved: 2005-08-16T00:00:00.000Z
Link: CVE-2004-2324
Vulnrichment
No data.
NVD
Status : Modified
Published: 2004-12-31T05:00:00.000
Modified: 2026-04-24T17:34:37.240
Link: CVE-2004-2324
Redhat
No data.
OpenCVE Enrichment
No data.