CVE-2001-0001 — Burzi Php-nuke vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.0%

top 91.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Francisco Burzi Php-nuke

Timeline

PublishedJun 2

Latest updateApr 23

Description

cookiedecode function in PHP-Nuke 4.4 allows users to bypass authentication and gain access to other user accounts by extracting the authentication information from a cookie.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDfrancisco_burzi/php-nuke4.4

Patches

Patch: archives.neohapsis.com ↗Patch: archives.neohapsis.com ↗

🔴Vulnerability Details

GHSA

GHSA-xf5w-5cjx-254f: cookiedecode function in PHP-Nuke 4↗2022-04-23

▶

CVEList

CVE-2001-0001: cookiedecode function in PHP-Nuke 4↗2002-03-09

▶