Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Mini-Nuke CMS System 1.8.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the uid parameter in (a) members.asp, the (2) catid parameter in (b) articles.asp and (c) programs.asp, and the (3) id parameter in (d) hpages.asp and (e) forum.asp. NOTE: The pages.asp/id vector is already covered by CVE-2006-0870.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mini-Nuke CMS System 多个SQL注入漏洞
Vulnerability Description
在Mini-Nuke CMS System 1.8.2及其早期版本中存在多个SQL注入漏洞,远程攻击者可通过以下途径执行任意SQL命令:(1) 在(a) members.asp中的uid参数,(2) 在(b) articles.asp和(c) programs.asp的catid参数,和在(d) hpages.asp和(e) forum.asp中的(3) id参数。注:pages.asp/id向量已包含在CVE-2006-0870中。
CVSS Information
N/A
Vulnerability Type
N/A