Lucene search

[email protected]CVE-2000-0745

HistoryOct 20, 2000 - 4:00 a.m.

CVE-2000-0745

2000-10-2004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-0745

php-nuke

admin.php3

verification issue

remote attackers

privileges gain

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.033 Low

EPSS

Percentile

91.3%

JSON

admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd parameter.

CPENameOperatorVersion
francisco_burzi:php-nukefrancisco burzi php-nukeeq1.0
francisco_burzi:php-nukefrancisco burzi php-nukeeq2.5

CPE	Name	Operator	Version
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	1.0
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	2.5

References

archives.neohapsis.com/archives/bugtraq/2000-08/0243.html

www.osvdb.org/1521

www.securityfocus.com/bid/1592

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.033 Low

EPSS

Percentile

91.3%

JSON

Related for CVE-2000-0745

packetstorm1 securityvulns1