Lucene search

[email protected]CVE-2001-0320

HistoryMay 03, 2001 - 4:00 a.m.

CVE-2001-0320

2001-05-0304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0320

php-nuke 4.4

file read

gain admin privilege

php

remote attack

nvd

7.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.2%

JSON

bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and … (dot dot) sequences into a malformed username argument.

CPENameOperatorVersion
francisco_burzi:php-nukefrancisco burzi php-nukeeq4.4
francisco_burzi:php-nukefrancisco burzi php-nukeeq4.0.4

CPE	Name	Operator	Version
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	4.4
francisco_burzi:php-nuke	francisco burzi php-nuke	eq	4.0.4

References

archives.neohapsis.com/archives/bugtraq/2001-02/0425.html

7.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.2%

JSON

Related for CVE-2001-0320

openvas1 nessus1