Unrated severityNVD Advisory· Published Nov 29, 2009· Updated Apr 24, 2026
CVE-2009-4109
CVE-2009-4109
Description
The install wizard in DotNetNuke 4.0 through 5.1.4 does not prevent anonymous users from accessing functionality related to determination of the need for an upgrade, which allows remote attackers to access version information and possibly other sensitive information.
Affected products
24cpe:2.3:a:dnnsoftware:dotnetnuke:4.0:*:*:*:*:*:*:*+ 23 more
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.9:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:4.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:dnnsoftware:dotnetnuke:5.1.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- secunia.com/advisories/37480nvdVendor Advisory
- www.dotnetnuke.com/News/SecurityPolicy/securitybulletinno30/tabid/1449/Default.aspxnvdVendor Advisory
- osvdb.org/60520nvd
- www.securityfocus.com/bid/37139nvd
News mentions
0No linked articles in our index yet.