Vulnerabilities > Nukedit > Nukedit > 4.9.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-12-15 | CVE-2008-5582 | SQL Injection vulnerability in Nukedit SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter. | 7.5 |
2006-06-01 | CVE-2006-2737 | Unspecified vulnerability in Nukedit utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action. | 7.5 |