CVE Vulnerabilities

CVE-2001-1025

Published: Aug 31, 2001 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the prefix variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.

Affected Software

Name Vendor Start Version End Version
Php-nuke Francisco_burzi 5.0 5.0
Php-nuke Francisco_burzi 5.0.1 5.0.1

References