Vulnerabilities > Mini Nuke > Mini Nuke CMS
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-03-23 | CVE-2006-1362 | SQL-Injection vulnerability in Mini-Nuke Cms Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter in (a) members.asp, the (2) catid parameter in (b) articles.asp and (c) programs.asp, and the (3) id parameter in (d) hpages.asp and (e) forum.asp. | 7.5 |
2006-02-23 | CVE-2006-0870 | SQL Injection vulnerability in MiniNuke CMS Pages.ASP SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |