CVE-2015-2794: The installation wizard in DotNetNuke (DNN) allows privilege escalation

Severity: Critical

CVSS Score: 9.8

The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser access via a direct request to Install/InstallWizard.aspx.