CVE Tools

asp-nuke

Web & CMS Pluginsoss-project

13

Cumulative CVEs

6

Monthly snapshots

#13

Peak rank

Top products

Latest CVEs

The 13 most recently published vulnerabilities affecting asp-nuke.

CVE-2007-2892Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information...4.3May 30, 2007
CVE-2006-7152default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by setting certain pseudo cookie values.8.5Mar 7, 2007
CVE-2006-6070SQL injection vulnerability in module/account/register/register.asp in ASP Nuke 0.80 and earlier allows remote attackers to execute arbitrary SQL commands via the StateCode parameter.7.5Nov 22, 2006
CVE-2005-2067SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter.7.5Jun 28, 2005
CVE-2005-2066SQL injection vulnerability in comment_post.asp in ASP Nuke 0.80 allows remote attackers to execute arbitrary SQL statements via the TaskID parameter.7.5Jun 28, 2005
CVE-2005-2065HTTP response splitting vulnerability in language_select.asp in ASP Nuke 0.80 allows remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the LangCode parame...5.0Jun 28, 2005
CVE-2005-2064Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName...5.0Jun 28, 2005
CVE-2004-1788ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to ...5.0May 10, 2005
CVE-2002-0524ASP-Nuke RC2 and earlier allows remote attackers to determine the absolute path of the server by (1) calling database-inc.asp with incorrect cookies, or (2) calling Post.asp with certain arguments,...5.0Jun 11, 2002
CVE-2002-0523ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie.5.0Jun 11, 2002
CVE-2002-0522ASP-Nuke RC2 and earlier allows remote attackers to bypass authentication and gain privileges by modifying the "pseudo" cookie.7.5Jun 11, 2002
CVE-2002-0521Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in download...5.1Jun 11, 2002
CVE-2002-0520Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag.7.5Jun 11, 2002