Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    14 vulnerabilities by mini-nuke

    CVE-2006-2732 (GCVE-0-2006-2732)

    Vulnerability from nvd – Published: 2006-06-01 10:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) yas_1, (2) yas_2, and (3) yas_3 parameters.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1016170 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/20317 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/18126 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/435279/100… mailing-listx_refsource_BUGTRAQ
    http://www.nukedx.com/?viewdoc=31 x_refsource_MISC
    http://www.nukedx.com/?getxpl=31 x_refsource_MISC
    http://www.vupen.com/english/advisories/2006/2031 vdb-entryx_refsource_VUPEN
    http://securityreason.com/securityalert/1002 third-party-advisoryx_refsource_SREASON
    Date Public
    2006-05-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.922Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1016170",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016170"
              },
              {
                "name": "mininuke-youraccount-sql-injection(26816)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26816"
              },
              {
                "name": "20317",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20317"
              },
              {
                "name": "18126",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18126"
              },
              {
                "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?viewdoc=31"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?getxpl=31"
              },
              {
                "name": "ADV-2006-2031",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2031"
              },
              {
                "name": "1002",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) yas_1, (2) yas_2, and (3) yas_3 parameters."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1016170",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016170"
            },
            {
              "name": "mininuke-youraccount-sql-injection(26816)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26816"
            },
            {
              "name": "20317",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20317"
            },
            {
              "name": "18126",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18126"
            },
            {
              "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?viewdoc=31"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?getxpl=31"
            },
            {
              "name": "ADV-2006-2031",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2031"
            },
            {
              "name": "1002",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2732",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) yas_1, (2) yas_2, and (3) yas_3 parameters."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1016170",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016170"
                },
                {
                  "name": "mininuke-youraccount-sql-injection(26816)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26816"
                },
                {
                  "name": "20317",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20317"
                },
                {
                  "name": "18126",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18126"
                },
                {
                  "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
                },
                {
                  "name": "http://www.nukedx.com/?viewdoc=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?viewdoc=31"
                },
                {
                  "name": "http://www.nukedx.com/?getxpl=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?getxpl=31"
                },
                {
                  "name": "ADV-2006-2031",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2031"
                },
                {
                  "name": "1002",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2732",
        "datePublished": "2006-06-01T10:00:00.000Z",
        "dateReserved": "2006-06-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.922Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2733 (GCVE-0-2006-2733)

    Vulnerability from nvd – Published: 2006-06-01 10:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/20317 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/435279/100… mailing-listx_refsource_BUGTRAQ
    http://www.nukedx.com/?viewdoc=31 x_refsource_MISC
    http://www.nukedx.com/?getxpl=31 x_refsource_MISC
    http://securityreason.com/securityalert/1002 third-party-advisoryx_refsource_SREASON
    Date Public
    2006-05-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:52.005Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20317",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20317"
              },
              {
                "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?viewdoc=31"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?getxpl=31"
              },
              {
                "name": "1002",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20317",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20317"
            },
            {
              "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?viewdoc=31"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?getxpl=31"
            },
            {
              "name": "1002",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2733",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20317",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20317"
                },
                {
                  "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
                },
                {
                  "name": "http://www.nukedx.com/?viewdoc=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?viewdoc=31"
                },
                {
                  "name": "http://www.nukedx.com/?getxpl=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?getxpl=31"
                },
                {
                  "name": "1002",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2733",
        "datePublished": "2006-06-01T10:00:00.000Z",
        "dateReserved": "2006-06-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:52.005Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2734 (GCVE-0-2006-2734)

    Vulnerability from nvd – Published: 2006-06-01 10:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by the attacker.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/435279/100… mailing-listx_refsource_BUGTRAQ
    http://www.nukedx.com/?viewdoc=31 x_refsource_MISC
    http://www.nukedx.com/?getxpl=31 x_refsource_MISC
    http://securityreason.com/securityalert/1002 third-party-advisoryx_refsource_SREASON
    Date Public
    2006-05-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.998Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?viewdoc=31"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?getxpl=31"
              },
              {
                "name": "1002",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by the attacker."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?viewdoc=31"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?getxpl=31"
            },
            {
              "name": "1002",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2734",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by the attacker."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
                },
                {
                  "name": "http://www.nukedx.com/?viewdoc=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?viewdoc=31"
                },
                {
                  "name": "http://www.nukedx.com/?getxpl=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?getxpl=31"
                },
                {
                  "name": "1002",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2734",
        "datePublished": "2006-06-01T10:00:00.000Z",
        "dateReserved": "2006-06-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.998Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1362 (GCVE-0-2006-1362)

    Vulnerability from nvd – Published: 2006-03-23 11:00 – Updated: 2024-08-07 17:12
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter in (a) members.asp, the (2) catid parameter in (b) articles.asp and (c) programs.asp, and the (3) id parameter in (d) hpages.asp and (e) forum.asp. NOTE: The pages.asp/id vector is already covered by CVE-2006-0870.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/18439 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/617 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/428361/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-03-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:12:20.682Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "mininuke-multiple-sql-injection(25372)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25372"
              },
              {
                "name": "18439",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18439"
              },
              {
                "name": "617",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/617"
              },
              {
                "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter in (a) members.asp, the (2) catid parameter in (b) articles.asp and (c) programs.asp, and the (3) id parameter in (d) hpages.asp and (e) forum.asp.  NOTE: The pages.asp/id vector is already covered by CVE-2006-0870."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "mininuke-multiple-sql-injection(25372)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25372"
            },
            {
              "name": "18439",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18439"
            },
            {
              "name": "617",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/617"
            },
            {
              "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1362",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter in (a) members.asp, the (2) catid parameter in (b) articles.asp and (c) programs.asp, and the (3) id parameter in (d) hpages.asp and (e) forum.asp.  NOTE: The pages.asp/id vector is already covered by CVE-2006-0870."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "mininuke-multiple-sql-injection(25372)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25372"
                },
                {
                  "name": "18439",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18439"
                },
                {
                  "name": "617",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/617"
                },
                {
                  "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1362",
        "datePublished": "2006-03-23T11:00:00.000Z",
        "dateReserved": "2006-03-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:12:20.682Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0870 (GCVE-0-2006-0870)

    Vulnerability from nvd – Published: 2006-02-23 23:00 – Updated: 2024-08-07 16:48
    VLAI
    Summary
    SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: version 2.3 was later reported to be vulnerable as well.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/16730 vdb-entryx_refsource_BID
    http://www.nukedx.com/?viewdoc=9 x_refsource_MISC
    http://www.securityfocus.com/archive/1/431714/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/18439 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/17636 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/425599/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/431602/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/428361/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/23438 vdb-entryx_refsource_OSVDB
    Date Public
    2006-02-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:48:56.614Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16730",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16730"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?viewdoc=9"
              },
              {
                "name": "20060421 Re: Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/431714/100/0/threaded"
              },
              {
                "name": "18439",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18439"
              },
              {
                "name": "mininuke-pages-sql-injection(24803)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24803"
              },
              {
                "name": "17636",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17636"
              },
              {
                "name": "20060220 MiniNuke CMS System all versions (pages.asp) SQL Injection",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/425599/100/0/threaded"
              },
              {
                "name": "20060420 Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/431602/100/0/threaded"
              },
              {
                "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
              },
              {
                "name": "23438",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/23438"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-02-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.  NOTE: version 2.3 was later reported to be vulnerable as well."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16730",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16730"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?viewdoc=9"
            },
            {
              "name": "20060421 Re: Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/431714/100/0/threaded"
            },
            {
              "name": "18439",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18439"
            },
            {
              "name": "mininuke-pages-sql-injection(24803)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24803"
            },
            {
              "name": "17636",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17636"
            },
            {
              "name": "20060220 MiniNuke CMS System all versions (pages.asp) SQL Injection",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/425599/100/0/threaded"
            },
            {
              "name": "20060420 Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/431602/100/0/threaded"
            },
            {
              "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
            },
            {
              "name": "23438",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/23438"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0870",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.  NOTE: version 2.3 was later reported to be vulnerable as well."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16730",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16730"
                },
                {
                  "name": "http://www.nukedx.com/?viewdoc=9",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?viewdoc=9"
                },
                {
                  "name": "20060421 Re: Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/431714/100/0/threaded"
                },
                {
                  "name": "18439",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18439"
                },
                {
                  "name": "mininuke-pages-sql-injection(24803)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24803"
                },
                {
                  "name": "17636",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17636"
                },
                {
                  "name": "20060220 MiniNuke CMS System all versions (pages.asp) SQL Injection",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/425599/100/0/threaded"
                },
                {
                  "name": "20060420 Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/431602/100/0/threaded"
                },
                {
                  "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
                },
                {
                  "name": "23438",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/23438"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0870",
        "datePublished": "2006-02-23T23:00:00.000Z",
        "dateReserved": "2006-02-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:48:56.614Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0199 (GCVE-0-2006-0199)

    Vulnerability from nvd – Published: 2006-01-13 23:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/421727/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/22384 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/18439 third-party-advisoryx_refsource_SECUNIA
    http://www.nukedx.com/?viewdoc=7 x_refsource_MISC
    http://www.vupen.com/english/advisories/2006/0173 vdb-entryx_refsource_VUPEN
    http://securityreason.com/securityalert/340 third-party-advisoryx_refsource_SREASON
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    Date Public
    2006-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.084Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "mininuke-news-sql-injection(24098)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24098"
              },
              {
                "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injectionvulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/421727/100/0/threaded"
              },
              {
                "name": "22384",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22384"
              },
              {
                "name": "18439",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18439"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?viewdoc=7"
              },
              {
                "name": "ADV-2006-0173",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0173"
              },
              {
                "name": "340",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/340"
              },
              {
                "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "mininuke-news-sql-injection(24098)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24098"
            },
            {
              "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injectionvulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/421727/100/0/threaded"
            },
            {
              "name": "22384",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22384"
            },
            {
              "name": "18439",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18439"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?viewdoc=7"
            },
            {
              "name": "ADV-2006-0173",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0173"
            },
            {
              "name": "340",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/340"
            },
            {
              "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0199",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "mininuke-news-sql-injection(24098)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24098"
                },
                {
                  "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injectionvulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/421727/100/0/threaded"
                },
                {
                  "name": "22384",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22384"
                },
                {
                  "name": "18439",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18439"
                },
                {
                  "name": "http://www.nukedx.com/?viewdoc=7",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?viewdoc=7"
                },
                {
                  "name": "ADV-2006-0173",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0173"
                },
                {
                  "name": "340",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/340"
                },
                {
                  "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0199",
        "datePublished": "2006-01-13T23:00:00.000Z",
        "dateReserved": "2006-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.084Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0203 (GCVE-0-2006-0203)

    Vulnerability from nvd – Published: 2006-01-13 23:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/344 third-party-advisoryx_refsource_SREASON
    http://www.osvdb.org/22385 vdb-entryx_refsource_OSVDB
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/18439 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/0173 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/421748/100… mailing-listx_refsource_BUGTRAQ
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    Date Public
    2006-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.077Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "344",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/344"
              },
              {
                "name": "22385",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22385"
              },
              {
                "name": "20060129 [xpl#2] MiniNuke 1.8.2 - change member\u0027s passwrod \u003c Perl \u003e",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2006-01/0483.html"
              },
              {
                "name": "18439",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18439"
              },
              {
                "name": "ADV-2006-0173",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0173"
              },
              {
                "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remoteuser password change exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/421748/100/0/threaded"
              },
              {
                "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remote user password change exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0437.html"
              },
              {
                "name": "mininuke-membership-change-password(24101)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24101"
              },
              {
                "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "344",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/344"
            },
            {
              "name": "22385",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22385"
            },
            {
              "name": "20060129 [xpl#2] MiniNuke 1.8.2 - change member\u0027s passwrod \u003c Perl \u003e",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2006-01/0483.html"
            },
            {
              "name": "18439",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18439"
            },
            {
              "name": "ADV-2006-0173",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0173"
            },
            {
              "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remoteuser password change exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/421748/100/0/threaded"
            },
            {
              "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remote user password change exploit",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0437.html"
            },
            {
              "name": "mininuke-membership-change-password(24101)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24101"
            },
            {
              "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0203",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "344",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/344"
                },
                {
                  "name": "22385",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22385"
                },
                {
                  "name": "20060129 [xpl#2] MiniNuke 1.8.2 - change member\u0027s passwrod \u003c Perl \u003e",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2006-01/0483.html"
                },
                {
                  "name": "18439",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18439"
                },
                {
                  "name": "ADV-2006-0173",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0173"
                },
                {
                  "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remoteuser password change exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/421748/100/0/threaded"
                },
                {
                  "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remote user password change exploit",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0437.html"
                },
                {
                  "name": "mininuke-membership-change-password(24101)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24101"
                },
                {
                  "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0203",
        "datePublished": "2006-01-13T23:00:00.000Z",
        "dateReserved": "2006-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.077Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2732 (GCVE-0-2006-2732)

    Vulnerability from cvelistv5 – Published: 2006-06-01 10:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) yas_1, (2) yas_2, and (3) yas_3 parameters.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1016170 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/20317 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/18126 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/435279/100… mailing-listx_refsource_BUGTRAQ
    http://www.nukedx.com/?viewdoc=31 x_refsource_MISC
    http://www.nukedx.com/?getxpl=31 x_refsource_MISC
    http://www.vupen.com/english/advisories/2006/2031 vdb-entryx_refsource_VUPEN
    http://securityreason.com/securityalert/1002 third-party-advisoryx_refsource_SREASON
    Date Public
    2006-05-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.922Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1016170",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016170"
              },
              {
                "name": "mininuke-youraccount-sql-injection(26816)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26816"
              },
              {
                "name": "20317",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20317"
              },
              {
                "name": "18126",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18126"
              },
              {
                "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?viewdoc=31"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?getxpl=31"
              },
              {
                "name": "ADV-2006-2031",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2031"
              },
              {
                "name": "1002",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) yas_1, (2) yas_2, and (3) yas_3 parameters."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1016170",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016170"
            },
            {
              "name": "mininuke-youraccount-sql-injection(26816)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26816"
            },
            {
              "name": "20317",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20317"
            },
            {
              "name": "18126",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18126"
            },
            {
              "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?viewdoc=31"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?getxpl=31"
            },
            {
              "name": "ADV-2006-2031",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2031"
            },
            {
              "name": "1002",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2732",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in Your_Account.asp in Mini-Nuke 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) yas_1, (2) yas_2, and (3) yas_3 parameters."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1016170",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016170"
                },
                {
                  "name": "mininuke-youraccount-sql-injection(26816)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26816"
                },
                {
                  "name": "20317",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20317"
                },
                {
                  "name": "18126",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18126"
                },
                {
                  "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
                },
                {
                  "name": "http://www.nukedx.com/?viewdoc=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?viewdoc=31"
                },
                {
                  "name": "http://www.nukedx.com/?getxpl=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?getxpl=31"
                },
                {
                  "name": "ADV-2006-2031",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2031"
                },
                {
                  "name": "1002",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2732",
        "datePublished": "2006-06-01T10:00:00.000Z",
        "dateReserved": "2006-06-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.922Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2733 (GCVE-0-2006-2733)

    Vulnerability from cvelistv5 – Published: 2006-06-01 10:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/20317 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/435279/100… mailing-listx_refsource_BUGTRAQ
    http://www.nukedx.com/?viewdoc=31 x_refsource_MISC
    http://www.nukedx.com/?getxpl=31 x_refsource_MISC
    http://securityreason.com/securityalert/1002 third-party-advisoryx_refsource_SREASON
    Date Public
    2006-05-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:52.005Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20317",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20317"
              },
              {
                "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?viewdoc=31"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?getxpl=31"
              },
              {
                "name": "1002",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20317",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20317"
            },
            {
              "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?viewdoc=31"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?getxpl=31"
            },
            {
              "name": "1002",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2733",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "membership.asp in Mini-Nuke 2.3 and earlier uses plaintext security codes, which allows remote attackers to register multiple times via automated scripts."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20317",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20317"
                },
                {
                  "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
                },
                {
                  "name": "http://www.nukedx.com/?viewdoc=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?viewdoc=31"
                },
                {
                  "name": "http://www.nukedx.com/?getxpl=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?getxpl=31"
                },
                {
                  "name": "1002",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2733",
        "datePublished": "2006-06-01T10:00:00.000Z",
        "dateReserved": "2006-06-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:52.005Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2734 (GCVE-0-2006-2734)

    Vulnerability from cvelistv5 – Published: 2006-06-01 10:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by the attacker.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/435279/100… mailing-listx_refsource_BUGTRAQ
    http://www.nukedx.com/?viewdoc=31 x_refsource_MISC
    http://www.nukedx.com/?getxpl=31 x_refsource_MISC
    http://securityreason.com/securityalert/1002 third-party-advisoryx_refsource_SREASON
    Date Public
    2006-05-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.998Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?viewdoc=31"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?getxpl=31"
              },
              {
                "name": "1002",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by the attacker."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?viewdoc=31"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?getxpl=31"
            },
            {
              "name": "1002",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1002"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2734",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by the attacker."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060528 Advisory: MiniNuke v2.x Multiple Remote Vulnerabilities",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/435279/100/0/threaded"
                },
                {
                  "name": "http://www.nukedx.com/?viewdoc=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?viewdoc=31"
                },
                {
                  "name": "http://www.nukedx.com/?getxpl=31",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?getxpl=31"
                },
                {
                  "name": "1002",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1002"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2734",
        "datePublished": "2006-06-01T10:00:00.000Z",
        "dateReserved": "2006-06-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.998Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1362 (GCVE-0-2006-1362)

    Vulnerability from cvelistv5 – Published: 2006-03-23 11:00 – Updated: 2024-08-07 17:12
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter in (a) members.asp, the (2) catid parameter in (b) articles.asp and (c) programs.asp, and the (3) id parameter in (d) hpages.asp and (e) forum.asp. NOTE: The pages.asp/id vector is already covered by CVE-2006-0870.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/18439 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/617 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/archive/1/428361/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-03-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:12:20.682Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "mininuke-multiple-sql-injection(25372)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25372"
              },
              {
                "name": "18439",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18439"
              },
              {
                "name": "617",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/617"
              },
              {
                "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter in (a) members.asp, the (2) catid parameter in (b) articles.asp and (c) programs.asp, and the (3) id parameter in (d) hpages.asp and (e) forum.asp.  NOTE: The pages.asp/id vector is already covered by CVE-2006-0870."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "mininuke-multiple-sql-injection(25372)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25372"
            },
            {
              "name": "18439",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18439"
            },
            {
              "name": "617",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/617"
            },
            {
              "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1362",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter in (a) members.asp, the (2) catid parameter in (b) articles.asp and (c) programs.asp, and the (3) id parameter in (d) hpages.asp and (e) forum.asp.  NOTE: The pages.asp/id vector is already covered by CVE-2006-0870."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "mininuke-multiple-sql-injection(25372)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25372"
                },
                {
                  "name": "18439",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18439"
                },
                {
                  "name": "617",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/617"
                },
                {
                  "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1362",
        "datePublished": "2006-03-23T11:00:00.000Z",
        "dateReserved": "2006-03-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:12:20.682Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0870 (GCVE-0-2006-0870)

    Vulnerability from cvelistv5 – Published: 2006-02-23 23:00 – Updated: 2024-08-07 16:48
    VLAI
    Summary
    SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: version 2.3 was later reported to be vulnerable as well.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/16730 vdb-entryx_refsource_BID
    http://www.nukedx.com/?viewdoc=9 x_refsource_MISC
    http://www.securityfocus.com/archive/1/431714/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/18439 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/17636 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/425599/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/431602/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/428361/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/23438 vdb-entryx_refsource_OSVDB
    Date Public
    2006-02-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:48:56.614Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "16730",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16730"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?viewdoc=9"
              },
              {
                "name": "20060421 Re: Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/431714/100/0/threaded"
              },
              {
                "name": "18439",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18439"
              },
              {
                "name": "mininuke-pages-sql-injection(24803)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24803"
              },
              {
                "name": "17636",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17636"
              },
              {
                "name": "20060220 MiniNuke CMS System all versions (pages.asp) SQL Injection",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/425599/100/0/threaded"
              },
              {
                "name": "20060420 Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/431602/100/0/threaded"
              },
              {
                "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
              },
              {
                "name": "23438",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/23438"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-02-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.  NOTE: version 2.3 was later reported to be vulnerable as well."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "16730",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16730"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?viewdoc=9"
            },
            {
              "name": "20060421 Re: Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/431714/100/0/threaded"
            },
            {
              "name": "18439",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18439"
            },
            {
              "name": "mininuke-pages-sql-injection(24803)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24803"
            },
            {
              "name": "17636",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17636"
            },
            {
              "name": "20060220 MiniNuke CMS System all versions (pages.asp) SQL Injection",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/425599/100/0/threaded"
            },
            {
              "name": "20060420 Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/431602/100/0/threaded"
            },
            {
              "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
            },
            {
              "name": "23438",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/23438"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0870",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in pages.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.  NOTE: version 2.3 was later reported to be vulnerable as well."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "16730",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16730"
                },
                {
                  "name": "http://www.nukedx.com/?viewdoc=9",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?viewdoc=9"
                },
                {
                  "name": "20060421 Re: Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/431714/100/0/threaded"
                },
                {
                  "name": "18439",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18439"
                },
                {
                  "name": "mininuke-pages-sql-injection(24803)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24803"
                },
                {
                  "name": "17636",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17636"
                },
                {
                  "name": "20060220 MiniNuke CMS System all versions (pages.asp) SQL Injection",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/425599/100/0/threaded"
                },
                {
                  "name": "20060420 Mini-NUKE v2.3\u003c\u003c--- SQL Injection",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/431602/100/0/threaded"
                },
                {
                  "name": "20060321 Mini-Nuke\u003c=1.8.2 SQL injection (6)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/428361/100/0/threaded"
                },
                {
                  "name": "23438",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/23438"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0870",
        "datePublished": "2006-02-23T23:00:00.000Z",
        "dateReserved": "2006-02-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:48:56.614Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0199 (GCVE-0-2006-0199)

    Vulnerability from cvelistv5 – Published: 2006-01-13 23:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/421727/100… mailing-listx_refsource_BUGTRAQ
    http://www.osvdb.org/22384 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/18439 third-party-advisoryx_refsource_SECUNIA
    http://www.nukedx.com/?viewdoc=7 x_refsource_MISC
    http://www.vupen.com/english/advisories/2006/0173 vdb-entryx_refsource_VUPEN
    http://securityreason.com/securityalert/340 third-party-advisoryx_refsource_SREASON
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    Date Public
    2006-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.084Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "mininuke-news-sql-injection(24098)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24098"
              },
              {
                "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injectionvulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/421727/100/0/threaded"
              },
              {
                "name": "22384",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22384"
              },
              {
                "name": "18439",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18439"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.nukedx.com/?viewdoc=7"
              },
              {
                "name": "ADV-2006-0173",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0173"
              },
              {
                "name": "340",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/340"
              },
              {
                "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "mininuke-news-sql-injection(24098)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24098"
            },
            {
              "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injectionvulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/421727/100/0/threaded"
            },
            {
              "name": "22384",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22384"
            },
            {
              "name": "18439",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18439"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.nukedx.com/?viewdoc=7"
            },
            {
              "name": "ADV-2006-0173",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0173"
            },
            {
              "name": "340",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/340"
            },
            {
              "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0199",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in news.asp in Mini-Nuke CMS System 1.8.2 and earlier allows remote attackers to execute arbitrary SQL commands via the hid parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "mininuke-news-sql-injection(24098)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24098"
                },
                {
                  "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injectionvulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/421727/100/0/threaded"
                },
                {
                  "name": "22384",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22384"
                },
                {
                  "name": "18439",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18439"
                },
                {
                  "name": "http://www.nukedx.com/?viewdoc=7",
                  "refsource": "MISC",
                  "url": "http://www.nukedx.com/?viewdoc=7"
                },
                {
                  "name": "ADV-2006-0173",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0173"
                },
                {
                  "name": "340",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/340"
                },
                {
                  "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0199",
        "datePublished": "2006-01-13T23:00:00.000Z",
        "dateReserved": "2006-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.084Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0203 (GCVE-0-2006-0203)

    Vulnerability from cvelistv5 – Published: 2006-01-13 23:00 – Updated: 2024-08-07 16:25
    VLAI
    Summary
    membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securityreason.com/securityalert/344 third-party-advisoryx_refsource_SREASON
    http://www.osvdb.org/22385 vdb-entryx_refsource_OSVDB
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/18439 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/0173 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/archive/1/421748/100… mailing-listx_refsource_BUGTRAQ
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
    Date Public
    2006-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:25:34.077Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "344",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/344"
              },
              {
                "name": "22385",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/22385"
              },
              {
                "name": "20060129 [xpl#2] MiniNuke 1.8.2 - change member\u0027s passwrod \u003c Perl \u003e",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2006-01/0483.html"
              },
              {
                "name": "18439",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18439"
              },
              {
                "name": "ADV-2006-0173",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0173"
              },
              {
                "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remoteuser password change exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/421748/100/0/threaded"
              },
              {
                "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remote user password change exploit",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0437.html"
              },
              {
                "name": "mininuke-membership-change-password(24101)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24101"
              },
              {
                "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "344",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/344"
            },
            {
              "name": "22385",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/22385"
            },
            {
              "name": "20060129 [xpl#2] MiniNuke 1.8.2 - change member\u0027s passwrod \u003c Perl \u003e",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2006-01/0483.html"
            },
            {
              "name": "18439",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18439"
            },
            {
              "name": "ADV-2006-0173",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0173"
            },
            {
              "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remoteuser password change exploit",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/421748/100/0/threaded"
            },
            {
              "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remote user password change exploit",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0437.html"
            },
            {
              "name": "mininuke-membership-change-password(24101)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24101"
            },
            {
              "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0203",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "344",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/344"
                },
                {
                  "name": "22385",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/22385"
                },
                {
                  "name": "20060129 [xpl#2] MiniNuke 1.8.2 - change member\u0027s passwrod \u003c Perl \u003e",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2006-01/0483.html"
                },
                {
                  "name": "18439",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18439"
                },
                {
                  "name": "ADV-2006-0173",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0173"
                },
                {
                  "name": "20060113 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remoteuser password change exploit",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/421748/100/0/threaded"
                },
                {
                  "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (membership.asp) remote user password change exploit",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0437.html"
                },
                {
                  "name": "mininuke-membership-change-password(24101)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24101"
                },
                {
                  "name": "20060112 Advisory: MiniNuke CMS System \u003c= 1.8.2 (news.asp) SQL Injection vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0203",
        "datePublished": "2006-01-13T23:00:00.000Z",
        "dateReserved": "2006-01-13T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:25:34.077Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }