Lucene search
K

11 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

ASPNuke 0.80 Language_Select.ASP HTTP Response Splitting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14063/info ASPNuke is prone to an HTTP response splitting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote attacker may exploit this vulnerability to...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/09/11 12:0 a.m.18 views

Month Of Abysssec Undisclosed Bugs - ASP Nuke 0.80

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | 0 " & "AND art.Archive = 0" Considering to the code, you can bro...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/10/02 12:0 a.m.53 views

ASP-Nuke <= 0.80 article.asp articleid变量远程SQL注入漏洞

BugCVE: CVE-2005-2067 BUGTRAQ: 13318 ASP-Nuke处理用户请求时存在输入验证漏洞,远程攻击者可以利用此漏洞非授权访问数据库。 ASP-Nuke的article.asp脚本没有正确过滤articleid参数数据,远程攻击可以在输入中插入特定的SQL语句,从而非授权操作数据库,导致敏感信息泄露或ASP-Nuke被完全控制。 ASP-Nuke = 0.80 厂商补丁: ASP-Nuke -------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...

7.5CVSS6.7AI score0.01137EPSS
Exploits1
NVD
NVD
added 2005/06/29 4:0 a.m.15 views

CVE-2005-2066

SQL injection vulnerability in commentpost.asp in ASP Nuke 0.80 allows remote attackers to execute arbitrary SQL statements via the TaskID parameter...

7.5CVSS8.2AI score0.01137EPSS
Exploits0References3
NVD
NVD
added 2005/06/29 4:0 a.m.19 views

CVE-2005-2064

Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the 1 email parameter to forgotpassword.asp, or the 2 FirstName, 3 LastName, 4 Username, 5 Password, 6 Address1, 7 Address2, 8 City, 9 ZipCode, 10 Email parameter to...

5CVSS6.1AI score0.02033EPSS
Exploits0References2
NVD
NVD
added 2005/06/29 4:0 a.m.13 views

CVE-2005-2065

HTTP response splitting vulnerability in languageselect.asp in ASP Nuke 0.80 allows remote attackers to spoof web content and poison web caches via CRLF "%0d%0a" sequences in the LangCode parameter...

5CVSS6.6AI score0.01854EPSS
Exploits0References2
CVE
CVE
added 2005/06/28 4:0 a.m.43 views

CVE-2005-2066

CVE-2005-2066 : A SQL injection vulnerability exists in the ASP Nuke 0.80 web application via the TaskID parameter in the file comment_post.asp. Remote attackers could execute arbitrary SQL statements, as reported by the NVD entry, with an impact described as partial confidentiality, integrity, a...

7.5CVSS8.6AI score0.01137EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2005/06/28 4:0 a.m.57 views

CVE-2005-2065

Affected product: ASP Nuke 0.80 (language_select.asp). Vulnerability: HTTP response splitting via CRLF ("%0d%0a") in the LangCode parameter. Impact (as stated): remote attackers can spoof web content and poison web caches. Root cause: unsafely untrusted LangCode parameter allowing CRLF sequences....

5CVSS7AI score0.01854EPSS
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2005/06/27 12:0 a.m.19 views

ASPNuke 0.80 - article.asp SQL Injection

ASPNuke 0.80 - article.asp SQL Injection !/usr/bin/perl T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m EXPLOIT FOR: ASPNuke ASP Portal Expl0it By: [email protected] Discovered By: Trap-Set Underground Hacking Team oilKarchacK GR33tz T0 == Alphaprogrammer -- oilKarchack -- theCephale...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2005/06/01 12:0 a.m.27 views

comasp.pl.txt

This is a multi-part message in MIME format. ------=NextPart000003901C5473D.C6C4A380 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable =20 !/usr/bin/perl use IO::Socket; use Getopt::Std; print "xASP NUKE 0.80 and below Comments.asp Sql Injection Exploit\n"...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2005/06/01 12:0 a.m.24 views

xpl_detail.pl.txt

This is a multi-part message in MIME format. ------=NextPart000003201C5473D.B3E3E000 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable http://icis.digitalparadox.org/exploits/xpldetail.pl =20 !/usr/bin/perl use IO::Socket; use Getopt::Std; print "xASP NUKE...

7.4AI score
Exploits0
Rows per page
Query Builder