1 results (0.020 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

SQL injection vulnerability in members.asp in Mini-NUKE Freehost 2.3 allows remote attackers to execute arbitrary SQL commands via the uid parameter in a member_details action. Vulnerabilidad de inyección SQL en members.asp de Mini-NUKE Freehost 2.3, permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro uid en una acción member_details. • https://www.exploit-db.com/exploits/5187 http://www.securityfocus.com/archive/1/495743/100/0/threaded • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •