Mini-nuke » Cms System : Security Vulnerabilities, CVEs, CVSS score >= 1
membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter.
Max CVSS
5.0
EPSS Score
1.72%
Published
2006-01-13
Updated
2018-10-19
SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter.
Max CVSS
7.5
EPSS Score
2.24%
Published
2006-01-13
Updated
2018-10-19
2 vulnerabilities found