CVE-2008-7102

Name of the Vulnerable Software and Affected Versions DotNetNuke versions 2.0 through 4.8.4

Description The issue allows remote attackers to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation.

Recommendations For versions 2.0 through 4.8.4, consider restricting access to .ascx files to minimize the risk of exploitation. As a temporary workaround, review and strengthen parameter validation to prevent unauthorized access to privileged functionality. At the moment, there is no information about a newer version that contains a fix for this vulnerability.