[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2002-0521Date: (C)2002-08-12   (M)2023-12-22


Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
http://online.securityfocus.com/archive/82/266705
BID-4477
BID-4481
aspnuke-downloads-post-css(8830)
aspnuke-user-profile-css(8831)
http://www.asp-nuke.com/news.asp?date=20020412&cat=11
http://www.ifrance.com/kitetoua/tuto/ASPNuke.txt

© SecPod Technologies