PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote attackers to gain privileges by stealing or sniffing the cookie and decoding it.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Php-nuke | Francisco_burzi | 5.3.1 | 5.3.1 |
Php-nuke | Francisco_burzi | 5.1 | 5.1 |
Postnuke | Postnuke_software_foundation | 0.64 | 0.64 |
Php-nuke | Francisco_burzi | 5.2 | 5.2 |