Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0870

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0870
Last Modified 05 Sep 2008 05:00:26
Published 23 Feb 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0870

Summary

SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: version 2.3 was later reported to be vulnerable as well.

Vulnerable Systems

Application

  • Mini-nuke Cms 1.8.2


References

XF - mininuke-pages-sql-injection(24803)

BID - 17636

BID - 16730

BUGTRAQ - 20060420 Mini-NUKE v2.3<<--- SQL Injection

BUGTRAQ - 20060321 Mini-Nuke<=1.8.2 SQL injection (6)

BUGTRAQ - 20060220 MiniNuke CMS System all versions (pages.asp) SQL Injection

OSVDB - 23438

MISC - http://www.nukedx.com/?viewdoc=9

SECUNIA - 18439

BUGTRAQ - 20060421 Re: Mini-NUKE v2.3<<--- SQL Injection


Last Updated: 27 May 2016 10:41:50