Vulnerabilities > ASP Nuke > ASP Nuke > rc1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-07 | CVE-2006-7152 | Privilege Escalation vulnerability in Asp-Nuke Community Cookie default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by setting certain pseudo cookie values. network asp-nuke | 8.5 |
2002-08-12 | CVE-2002-0524 | Information Disclosure vulnerability in ASP-Nuke Forged Cookie ASP-Nuke RC2 and earlier allows remote attackers to determine the absolute path of the server by (1) calling database-inc.asp with incorrect cookies, or (2) calling Post.asp with certain arguments, which leak the pathname in an error message. | 5.0 |
2002-08-12 | CVE-2002-0523 | Information Disclosure vulnerability in ASP-Nuke Forged Cookie ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie. | 5.0 |
2002-08-12 | CVE-2002-0522 | Authentication Credentials User Account Compromise vulnerability in ASP-Nuke Plaintext Cookie ASP-Nuke RC2 and earlier allows remote attackers to bypass authentication and gain privileges by modifying the "pseudo" cookie. | 7.5 |
2002-08-12 | CVE-2002-0521 | Cross-Site Scripting vulnerability in ASP-Nuke Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp. | 5.1 |
2002-08-12 | CVE-2002-0520 | Unspecified vulnerability in Asp-Nuke RC1 Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag. | 7.5 |