7.1 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.014 Low
EPSS
Percentile
86.2%
bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and … (dot dot) sequences into a malformed username argument.
CPE | Name | Operator | Version |
---|---|---|---|
francisco_burzi:php-nuke | francisco burzi php-nuke | eq | 4.4 |
francisco_burzi:php-nuke | francisco burzi php-nuke | eq | 4.0.4 |