Vulnerabilities

CVE-2006-0203

by Fred · 13/01/2006

membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter.

Date published : 2006-01-13

http://www.securityfocus.com/archive/1/421748/100/0/threaded

http://archives.neohapsis.com/archives/bugtraq/2006-01/0483.html

Similar

Tags: Cybersecurity Alert