Cross-site scripting vulnerabilities in ASP-Nuke RC2 and previous versions allow remote malicious users to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
asp-nuke asp-nuke rc2 |
||
asp-nuke asp-nuke rc1 |