PowerDNN Discovers and Patches Two Hyper-Critical Security Flaws in the Standard Dotnetnuke Framework

Share Article

Two hyper-critical security flaws have been discovered in DotNetNuke and patched by PowerDNN. A new security scanner can detect critical security holes.

PowerDNN, the leader in DotNetNuke Services and Solutions, has discovered and patched two hyper-critical security flaws in the standard DotNetNuke framework.

As of Yesterday evening at 9:47PM US Central Time, the PowerDNN Engineering Team, as lead by Mr. Tony Valenti and Mr. Joseph Ravioli, discovered two Hyper-Critical security flaws in the standard DotNetNuke Framework. If left unpatched, these security flaws would allow any website visitor to alter the DotNetNuke web.config file as well as remotely execute SQL scripts against the DotNetNuke database. Since last night, the entire PowerDNN engineering team has been working around the clock to create patches for all affected versions of DotNetNuke. As of 7:42PM US Central Time, these patches have been created and deployed to all PowerDNN customers.

PowerDNN will be gradually releasing more details to the general community regarding these vulnerabilities. We realize that because of the large number of people running un-patched, standard versions of DotNetNuke, it is especially important for us to approach this issue in a sensitive and confidential manner. To aide with this, an online DotNetNuke Website Scanner is now available from PowerDNN DNN Hosting.

About PowerDNN.com
Founded in 2002, PowerDNN.com is the full circle DotNetNuke solutions provider, servicing organizations ranging from small businesses to Fortune 500 Companies to the Federal Government of the United States of America. Specializing in high-reliability, business-critical DotNetNuke solutions, PowerDNN is the clear choice of business and technology experts who demand exceptional customer service and enterprise engineering support for DotNetNuke. Additional news and information about the company is available from PowerDNN Hosting


Share article on social media or email:

View article via:

Pdf Print

Contact Author

Tony Valenti

Email >

Tony Valenti
Email >