CVE-2006-0203

2006-01-13T23:03:00
ID CVE-2006-0203
Type cve
Reporter cve@mitre.org
Modified 2018-10-19T15:43:00

Description

membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter.