PT-2006-3653 · Mini Nuke · Mini-Nuke

Mustafa Can Bjorn Ipekci

Published

2006-06-01

Updated

2018-10-18

CVE-2006-2733

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Mini-Nuke versions 2.3 and earlier

Description The issue allows remote attackers to register multiple times via automated scripts because membership.asp uses plaintext security codes.

Recommendations For Mini-Nuke versions 2.3 and earlier, consider updating the security codes to use a more secure method, such as encryption, to prevent unauthorized registrations. As a temporary workaround, restrict access to the membership.asp page to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-2733

Affected Products

Mini-Nuke

PT-2006-3653 · Mini Nuke · Mini-Nuke

CVE-2006-2733

Related Identifiers

Affected Products

References · 6