CVE-2007-5032
published 2007-09-21CVE-2007-5032: Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an…
PriorityP416medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
0.57%
42.7th percentile
Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.
Affected
41 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| francisco_burzi | php-nuke | <= 1.0 | — |
| francisco_burzi | php-nuke | <= 2.5 | — |
| francisco_burzi | php-nuke | <= 3.0 | — |
| francisco_burzi | php-nuke | <= 4.0 | — |
| francisco_burzi | php-nuke | <= 4.0.4 | — |
| francisco_burzi | php-nuke | <= 4.3 | — |
| francisco_burzi | php-nuke | <= 4.4 | — |
| francisco_burzi | php-nuke | <= 4.4.1a | — |
| francisco_burzi | php-nuke | <= 5.0 | — |
| francisco_burzi | php-nuke | <= 5.0.1 | — |
| francisco_burzi | php-nuke | <= 5.1 | — |
| francisco_burzi | php-nuke | <= 5.2 | — |
| francisco_burzi | php-nuke | <= 5.2a | — |
| francisco_burzi | php-nuke | <= 5.3.1 | — |
| francisco_burzi | php-nuke | <= 5.4 | — |
| francisco_burzi | php-nuke | <= 5.5 | — |
| francisco_burzi | php-nuke | <= 5.6 | — |
| francisco_burzi | php-nuke | <= 6.0 | — |
| francisco_burzi | php-nuke | <= 6.5 | — |
| francisco_burzi | php-nuke | <= 6.5_beta1 | — |
| francisco_burzi | php-nuke | <= 6.5_final | — |
| francisco_burzi | php-nuke | <= 6.5_rc1 | — |
| francisco_burzi | php-nuke | <= 6.5_rc2 | — |
| francisco_burzi | php-nuke | <= 6.5_rc3 | — |
| francisco_burzi | php-nuke | <= 6.6 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2007-09-21
Published