51 matches found
CVE-2008-3888
The CVE concerns Mini-NUKE Freehost 2.3, where a SQL injection vulnerability exists in members.asp. The flaw allows remote attackers to send a crafted uid in the member_details action to execute arbitrary SQL commands. Exploitation details or live exploit info are not provided in the documents. N...
CVE-2008-3888
SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a memberdetails action...
Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities
Exploits admin user name : http://localhost/mininuke/members.asp?action=memberdetails&uid=1+union+select+0,kuladi,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+members+where+seviye=1 admin password :...
Sql injection
SQL injection vulnerability in YourAccount.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 yas1, 2 yas2, and 3 yas3 parameters...
CVE-2006-2734
enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by...
CVE-2006-2732
SQL injection vulnerability in YourAccount.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 yas1, 2 yas2, and 3 yas3 parameters...
CVE-2006-2734
enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by...
CVE-2006-2732
SQL injection vulnerability in YourAccount.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the 1 yas1, 2 yas2, and 3 yas3 parameters...
CVE-2006-2734
CVE-2006-2734 concerns enter.asp in Mini-Nuke 2.3 and earlier. The vulnerability stems from the gguvenlik/guvenlik parameter handling: an attacker can set guvenlik to the same value as the hidden gguvenlik parameter, bypassing a verification step that relies on gguvenlik being immutable. This ena...
CVE-2006-2733
CVE-2006-2733 affects Mini-Nuke 2.3 and earlier. The issue is in membership.asp where plaintext security codes are used, allowing remote attackers to register multiple times via automated scripts. The connected documents confirm the product/version range and the vulnerability mechanism; no mitiga...
CVE-2006-2733
membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts...
CVE-2006-2732
The CVE-2006-2732 entry concerns a SQL injection vulnerability in Mini-Nuke 2.3 and earlier, specifically in Your_Account.asp. The underlying issue is that the parameters yas_1, yas_2, and yas_3 can be manipulated to inject arbitrary SQL, enabling remote command execution on affected installation...
Mini-NUKE 2.3 - Your_Account.asp Multiple SQL Injections
Mini-NUKE 2.3 - YourAccount.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/18126/info Mini-NUKE is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...
Mini-NUKE 2.3 - 'Your_Account.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/18126/info Mini-NUKE is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploits could allow an attacker to compromis...
Mini-NUKE v2.3<<--- SQL Injection
============================================ foud by:::.CrAzY CrAcKeR.::: ::::..alshmokh team..:::: Site: http://www.alshmokh.com nono225-mHOn-rageh-port-Lover hacker-Breeeeh ============================================ ----example: 1 http://www.target.com/pages.asp?id=SQL Injection...
Mini-NUKE v1.8
= Mini-NUKE v1.8 = Autore: SpiderZ = sito: www.spiderz.tk = Attacco: XSS = file: Search.asp Url: http://www.sito.com/search.phpscript/script Script: nrw&la="scriptalert"Xss by SpiderZ"/script Risultato:...
New exploit by SpiderZ
Author: SpiderZ Exploit 01 phpBB 2.0.19 Topic infinitely exploit multiple topic http://spiderz.netsons.org/1.txt Exploit 02 Mini-Nuke v1.8 XSS http://spiderz.netsons.org/3.txt Exploit 03 CuteCast Version 1.2 multiple users http://spiderz.netsons.org/4.txt Exploit 04 IPB v1.x upload html .gif...
Sql injection
Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the uid parameter in a members.asp, the 2 catid parameter in b articles.asp and c programs.asp, and the 3 id parameter in d hpages.asp and e forum.asp...
CVE-2006-1362
Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the uid parameter in a members.asp, the 2 catid parameter in b articles.asp and c programs.asp, and the 3 id parameter in d hpages.asp and e forum.asp...
CVE-2006-1362
Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the uid parameter in a members.asp, the 2 catid parameter in b articles.asp and c programs.asp, and the 3 id parameter in d hpages.asp and e forum.asp...