Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0206 — Burzi Php-nuke vulnerability

5 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.6%

top 30.84%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Francisco Burzi Php-nuke

Timeline

PublishedMay 16

Latest updateApr 30

Description

index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly other versions before 5.5, allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDfrancisco_burzi/php-nuke13 versions+12

🔴Vulnerability Details

GHSA

GHSA-pc45-fqqm-f5w2: index↗2022-04-30

▶

CVEList

CVE-2002-0206: index↗2002-05-03

▶

💥Exploits & PoCs

Exploit-DB

D-Link DWL Series Access-Point 2.10na - Config Disclosure↗2006-06-08

▶

Exploit-DB

PHP-Nuke 4.x/5.x - Arbitrary File Inclusion↗2002-01-16

▶