exploitDog

CVE-2001-1025

Опубликовано: 31 авг. 2001

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.

Ссылки

http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0019.html
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/3149
Exploit
Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0019.html
Exploit
Vendor Advisory
http://www.securityfocus.com/bid/3149
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:francisco_burzi:php-nuke:5.0:*:*:*:*:*:*:*

cpe:2.3:a:francisco_burzi:php-nuke:5.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00073

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-74xr-5r7j-x39j

github

больше 3 лет назад

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.

EPSS

Процентиль: 23%

0.00073

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other