Unrated severityNVD Advisory· Published Jan 13, 2006· Updated Apr 16, 2026

CVE-2006-0203

Description

membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter.

Affected products

Mini Nuke/CMS System
cpe:2.3:a:mini-nuke:cms_system:*:*:*:*:*:*:*:*
Range: <=1.8.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2006-01/0483.htmlnvdExploitVendor Advisory
archives.neohapsis.com/archives/fulldisclosure/2006-01/0437.htmlnvdExploitVendor Advisory
archives.neohapsis.com/archives/fulldisclosure/2006-01/0439.htmlnvdExploitVendor Advisory
secunia.com/advisories/18439nvdExploitVendor Advisory
www.osvdb.org/22385nvdExploit
www.vupen.com/english/advisories/2006/0173nvdVendor Advisory
securityreason.com/securityalert/344nvd
www.securityfocus.com/archive/1/421748/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/24101nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000