CVE-2001-0854

PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHPSELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user...

CVE-2001-0854

CVE-2001-0854 affects PHP-Nuke 5.2. An attacker can copy and delete arbitrary files by invoking case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes case.filemanager.php appear to be called by admin.php. The description documents the vulnerability mechan...