Nukedit: >> Nukedit >> 4.9.3 Security Vulnerabilities
SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter.
CVSS Score
7.5
EPSS Score
0.001
Published
2008-12-15
utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action.
CVSS Score
7.5
EPSS Score
0.096
Published
2006-06-01