CVE-2001-1025Burzi Php-nuke vulnerability

3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
0.1%
top 77.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Francisco Burzi Php-nuke
Timeline
PublishedAug 31
Latest updateApr 30

Description

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDfrancisco_burzi/php-nuke5.0, 5.0.1+1

🔴Vulnerability Details

2
GHSA
GHSA-74xr-5r7j-x39j: PHP-Nuke 52022-04-30
CVEList
CVE-2001-1025: PHP-Nuke 52002-02-02
CVE-2001-1025 — Francisco Burzi Php-nuke vulnerability | cvebase