Lucene search
K

51 matches found

CVE
CVE
added 2008/09/02 3:0 p.m.36 views

CVE-2008-3888

The CVE concerns Mini-NUKE Freehost 2.3, where a SQL injection vulnerability exists in members.asp. The flaw allows remote attackers to send a crafted uid in the member_details action to execute arbitrary SQL commands. Exploitation details or live exploit info are not provided in the documents. N...

7.5CVSS8.3AI score0.00893EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2008/09/02 3:0 p.m.23 views

CVE-2008-3888

SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a memberdetails action...

8.3AI score0.00893EPSS
Exploits0References1
securityvulns
securityvulns
added 2008/08/26 12:0 a.m.114 views

Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities

Exploits admin user name : http://localhost/mininuke/members.asp?action=memberdetails&uid=1+union+select+0,kuladi,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+members+where+seviye=1 admin password :...

0.6AI score
Exploits0
Prion
Prion
added 2006/06/01 10:2 a.m.11 views

Sql injection

SQL injection vulnerability in YourAccount.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 yas1, 2 yas2, and 3 yas3 parameters...

7.5CVSS9.1AI score0.02008EPSS
Exploits1References9Affected Software1
NVD
NVD
added 2006/06/01 10:2 a.m.23 views

CVE-2006-2734

enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by...

5CVSS6.8AI score0.01564EPSS
Exploits1References4
NVD
NVD
added 2006/06/01 10:2 a.m.16 views

CVE-2006-2732

SQL injection vulnerability in YourAccount.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 yas1, 2 yas2, and 3 yas3 parameters...

7.5CVSS8.4AI score0.02008EPSS
Exploits1References9
Cvelist
Cvelist
added 2006/06/01 10:0 a.m.20 views

CVE-2006-2734

enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by...

6.8AI score0.01564EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/06/01 10:0 a.m.20 views

CVE-2006-2732

SQL injection vulnerability in YourAccount.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 yas1, 2 yas2, and 3 yas3 parameters...

8.4AI score0.02008EPSS
Exploits1References9
CVE
CVE
added 2006/06/01 10:0 a.m.52 views

CVE-2006-2734

CVE-2006-2734 concerns enter.asp in Mini-Nuke 2.3 and earlier. The vulnerability stems from the gguvenlik/guvenlik parameter handling: an attacker can set guvenlik to the same value as the hidden gguvenlik parameter, bypassing a verification step that relies on gguvenlik being immutable. This ena...

5CVSS6.8AI score0.01564EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2006/06/01 10:0 a.m.43 views

CVE-2006-2733

CVE-2006-2733 affects Mini-Nuke 2.3 and earlier. The issue is in membership.asp where plaintext security codes are used, allowing remote attackers to register multiple times via automated scripts. The connected documents confirm the product/version range and the vulnerability mechanism; no mitiga...

5CVSS6.8AI score0.01409EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2006/06/01 10:0 a.m.25 views

CVE-2006-2733

membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts...

6.8AI score0.01409EPSS
Exploits1References5
CVE
CVE
added 2006/06/01 10:0 a.m.45 views

CVE-2006-2732

The CVE-2006-2732 entry concerns a SQL injection vulnerability in Mini-Nuke 2.3 and earlier, specifically in Your_Account.asp. The underlying issue is that the parameters yas_1, yas_2, and yas_3 can be manipulated to inject arbitrary SQL, enabling remote command execution on affected installation...

7.5CVSS8.4AI score0.02008EPSS
Exploits1References9Affected Software1
exploitpack
exploitpack
added 2006/05/29 12:0 a.m.8 views

Mini-NUKE 2.3 - Your_Account.asp Multiple SQL Injections

Mini-NUKE 2.3 - YourAccount.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/18126/info Mini-NUKE is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/05/29 12:0 a.m.20 views

Mini-NUKE 2.3 - 'Your_Account.asp' Multiple SQL Injections

source: https://www.securityfocus.com/bid/18126/info Mini-NUKE is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploits could allow an attacker to compromis...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/04/21 12:0 a.m.36 views

Mini-NUKE v2.3<<--- SQL Injection

============================================ foud by:::.CrAzY CrAcKeR.::: ::::..alshmokh team..:::: Site: http://www.alshmokh.com nono225-mHOn-rageh-port-Lover hacker-Breeeeh ============================================ ----example: 1 http://www.target.com/pages.asp?id=SQL Injection...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2006/03/27 12:0 a.m.27 views

Mini-NUKE v1.8

= Mini-NUKE v1.8 = Autore: SpiderZ = sito: www.spiderz.tk = Attacco: XSS = file: Search.asp Url: http://www.sito.com/search.phpscript/script Script: nrw&la="scriptalert"Xss by SpiderZ"/script Risultato:...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2006/03/26 12:0 a.m.31 views

New exploit by SpiderZ

Author: SpiderZ Exploit 01 phpBB 2.0.19 Topic infinitely exploit multiple topic http://spiderz.netsons.org/1.txt Exploit 02 Mini-Nuke v1.8 XSS http://spiderz.netsons.org/3.txt Exploit 03 CuteCast Version 1.2 multiple users http://spiderz.netsons.org/4.txt Exploit 04 IPB v1.x upload html .gif...

1AI score
Exploits0
Prion
Prion
added 2006/03/23 11:6 a.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the uid parameter in a members.asp, the 2 catid parameter in b articles.asp and c programs.asp, and the 3 id parameter in d hpages.asp and e forum.asp...

7.5CVSS8.9AI score0.0213EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2006/03/23 11:6 a.m.14 views

CVE-2006-1362

Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the uid parameter in a members.asp, the 2 catid parameter in b articles.asp and c programs.asp, and the 3 id parameter in d hpages.asp and e forum.asp...

7.5CVSS8.4AI score0.01214EPSS
Exploits0References4
Cvelist
Cvelist
added 2006/03/23 11:0 a.m.17 views

CVE-2006-1362

Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the uid parameter in a members.asp, the 2 catid parameter in b articles.asp and c programs.asp, and the 3 id parameter in d hpages.asp and e forum.asp...

8.4AI score0.01214EPSS
Exploits0References4
Rows per page
Query Builder