3 matches found
CVE-2006-0203
membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter...
CVE-2006-0203
The CVE-2006-0203 entry affects Mini-Nuke CMS System 1.8.2 and earlier. The vulnerability arises because membership.asp does not verify the old password when a user changes their password, enabling remote attackers to alter other members’ passwords by abusing a lostpassnew action with a modified ...
CVE-2006-0203
membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter...