Mini-Nuke: >> Cms System Security Vulnerabilities
SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter.
CVSS Score
7.5
EPSS Score
0.025
Published
2006-01-13
membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter.
CVSS Score
5.0
EPSS Score
0.014
Published
2006-01-13