CVE-2008-6542 Information

Description

Unspecified vulnerability in the Skin Manager in DotNetNuke before 4.8.2 allows remote authenticated administrators to perform \server-side execution of application logic\ by uploading a static file that is converted into a dynamic script via unknown vectors related to HTM or HTML files.

Reference

http://osvdb.org/43721 http://secunia.com/advisories/29488 http://www.dotnetnuke.com/News/SecurityBulletins/SecurityBulletinno13/tabid/1149/Default.aspx http://www.securityfocus.com/bid/28438 https://exchange.xforce.ibmcloud.com/vulnerabilities/49767