Description
ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Vietnamese Security Group · textwebappsasp
https://www.exploit-db.com/exploits/23516
References (1)
Core 1
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9355
Scores
EPSS
0.0503
EPSS Percentile
89.8%
Details
Status
published
Products (3)
asp-nuke/asp-nuke
1.0
asp-nuke/asp-nuke
1.2
asp-nuke/asp-nuke
1.3
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026