Mini-NUKE Pages.ASP SQL Injection Vulnerability
BID:17636
Info
Mini-NUKE Pages.ASP SQL Injection Vulnerability
| Bugtraq ID: | 17636 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 20 2006 12:00AM |
| Updated: | Apr 21 2006 10:36PM |
| Credit: | Discovered by [email protected]. |
| Vulnerable: |
MiniNuke MiniNuke CMS 2.3 |
| Not Vulnerable: | |
Discussion
Mini-NUKE Pages.ASP SQL Injection Vulnerability
Mini-NUKE is prone to an SQL-injection vulnerability.
Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Version 2.3 is vulnerable to this issue; other versions may also be affected.
Mini-NUKE is prone to an SQL-injection vulnerability.
Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Version 2.3 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
Mini-NUKE Pages.ASP SQL Injection Vulnerability
This issue can be exploited through a web client.
An example URI has been provided:
http://www.example.com/pages.asp?id=[SQL Injection]
This issue can be exploited through a web client.
An example URI has been provided:
http://www.example.com/pages.asp?id=[SQL Injection]
Solution / Fix
Mini-NUKE Pages.ASP SQL Injection Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]
References
Mini-NUKE Pages.ASP SQL Injection Vulnerability
References:
References: