CVE-2006-0203

The CVE-2006-0203 entry affects Mini-Nuke CMS System 1.8.2 and earlier. The vulnerability arises because membership.asp does not verify the old password when a user changes their password, enabling remote attackers to alter other members’ passwords by abusing a lostpassnew action with a modified ...

CVE-2006-0199

CVE-2006-0199 describes a SQL injection vulnerability in the Mini-Nuke CMS System up to version 1.8.2, exploitable via the hid parameter in news.asp. The issue allows remote attackers to execute arbitrary SQL commands. The available connected documents confirm the affected component and the injec...