Security holes in ASP-Nuke

[frog frog <leseulfrog () hotmail com>]

Product :
ASP-Nuke
http://www.asp-nuke.com

Versions :
RC1, RC2

Problems :
RC1 :
- By-passing of filters against HTML
RC2 :
- Access to all accounts
- Cross Site Scripting
- Path disclosure

More details :
in french :
http://www.ifrance.com/kitetoua/tuto/ASPNuke.txt

translated by Google :
http://translate.google.com/translate?u=http%3A%
2F%2Fwww.ifrance.com%2Fkitetoua%2Ftuto%
2FASPNuke.txt&langpair=fr%
7Cen&hl=fr&ie=ASCII&oe=ASCII

frog-m@n