5

CVE-2006-2734

Exploit
enter.asp in Mini-Nuke 2.3 and earlier makes it easier for remote attackers to conduct password guessing attacks by setting the guvenlik parameter to the same value as the hidden gguvenlik parameter, which bypasses a verification step because the gguvenlik parameter is assumed to be immutable by the attacker.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mini-nukeMini-nuke Version <= 2.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.54% 0.716
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://securityreason.com/securityalert/1002
http://www.nukedx.com/?getxpl=31
Exploit
http://www.nukedx.com/?viewdoc=31
Vendor Advisory
Exploit
http://www.securityfocus.com/archive/1/435279/100/0/threaded