asp-nuke 漏洞與 CVE 列表(13)

產品(CPE): — CVE 數: 13

asp-nuke 漏洞概覽

asp-nuke 相關的公開 CVE 漏洞與安全風險資訊,提供 CVSS、EPSS、公開時間與漏洞情報資料,協助評估潛在風險與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 11313 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2007-2892 Cross-site scripting (XSS) vulnerability in news.asp in ASP-Nuke 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. [email protected] 4.3 1.49% 2007-05-29 2026-06-16
CVE-2006-7152 default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by setting certain pseudo cookie values. [email protected] 8.5 2.50% 2007-03-07 2026-06-16
CVE-2006-6070 SQL injection vulnerability in module/account/register/register.asp in ASP Nuke 0.80 and earlier allows remote attackers to execute arbitrary SQL commands via the StateCode parameter. [email protected] 7.5 1.07% 2006-11-21 2026-06-16
CVE-2005-2067 SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter. [email protected] 7.5 1.14% 2005-06-29 2026-06-16
CVE-2005-2066 SQL injection vulnerability in comment_post.asp in ASP Nuke 0.80 allows remote attackers to execute arbitrary SQL statements via the TaskID parameter. [email protected] 7.5 1.14% 2005-06-29 2026-06-16
CVE-2005-2065 HTTP response splitting vulnerability in language_select.asp in ASP Nuke 0.80 allows remote attackers to spoof web content and poison web caches via CRLF ("%0d%0a") sequences in the LangCode parameter. [email protected] 5.0 1.85% 2005-06-29 2026-06-16
CVE-2005-2064 Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to forgot_password.asp, or the (2) FirstName, (3) LastName, (4) Username, (5) Password, (6) Address1, (7) Address2, (8) City, (9) ZipCode, (10) Email parameter to register.asp. [email protected] 5.0 2.03% 2005-06-29 2026-06-16
CVE-2004-1788 ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb. [email protected] 5.0 2.71% 2004-12-31 2026-06-16
CVE-2002-0524 ASP-Nuke RC2 and earlier allows remote attackers to determine the absolute path of the server by (1) calling database-inc.asp with incorrect cookies, or (2) calling Post.asp with certain arguments, which leak the pathname in an error message. [email protected] 5.0 1.88% 2002-08-12 2026-06-16
CVE-2002-0523 ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie. [email protected] 5.0 1.88% 2002-08-12 2026-06-16
CVE-2002-0522 ASP-Nuke RC2 and earlier allows remote attackers to bypass authentication and gain privileges by modifying the "pseudo" cookie. [email protected] 7.5 1.65% 2002-08-12 2026-06-16
CVE-2002-0521 Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp. [email protected] 5.1 2.32% 2002-08-12 2026-06-16
CVE-2002-0520 Cross-site scripting vulnerability in functions-inc.asp for ASP-Nuke RC1 allows remote attackers to execute script as other ASP-Nuke users by embedding it within an IMG tag. [email protected] 7.5 1.59% 2002-08-12 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence