Public CVE-2008-7101 disclosure

DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files, and possibly access privileged functionality, via unknown vectors related to parameter validation.