default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by setting certain pseudo cookie values.
Max CVSS
8.5
EPSS Score
1.81%
Published
2007-03-07
Updated
2017-10-11
SQL injection vulnerability in module/account/register/register.asp in ASP Nuke 0.80 and earlier allows remote attackers to execute arbitrary SQL commands via the StateCode parameter.
Max CVSS
7.5
EPSS Score
0.35%
Published
2006-11-22
Updated
2018-10-17
SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter.
Max CVSS
7.5
EPSS Score
0.26%
Published
2005-06-29
Updated
2016-10-18
SQL injection vulnerability in comment_post.asp in ASP Nuke 0.80 allows remote attackers to execute arbitrary SQL statements via the TaskID parameter.
Max CVSS
7.5
EPSS Score
0.26%
Published
2005-06-29
Updated
2016-10-18
ASP-Nuke RC2 and earlier allows remote attackers to bypass authentication and gain privileges by modifying the "pseudo" cookie.
Max CVSS
7.5
EPSS Score
0.45%
Published
2002-08-12
Updated
2008-09-05
Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag.
Max CVSS
7.5
EPSS Score
1.22%
Published
2002-08-12
Updated
2008-09-05
6 vulnerabilities found