109 matches found
Дырка в PHP-Nuke (xml parsing)
При разборе XML не проверяется таг TITLE, что позволяет вставить в него PHP-скрипт...
Дырка в PHP-NUKE (saveuser)
Недостаточная проверка ввода пользователя позволяет получить пароль любого пользователя...
rdC270201.adv.en
r 0 t t e n d e v 1 c e C r e w r0tten dev1ce Crew A r g e n t i n i a n S e c u r i t y G r o u p Argentinian Security Group ---------------------------------------:2:3:4:5:6:7:8:eee" | uuencode -m f begin-base64 644 f MDpBbm9ueW1vdXM6MjozOjQ6NTo2Ojc6ODplZWUK lynx...
SA2K01.txt
-----/ SA2K01 /-------------------------------/ SecurityApex.com /---- A quick fix against RFP2101 ------------------------------------/ Max / [email protected] Table of contents: -/ 1 / Information on the exploit -/ 2 / Fix for the exploit -/ 3 / Credits...
CVE-2000-0745
admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd parameter...
CVE-2000-0745
admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd parameter...
php-nuke bug
php-nuke bug by StarmanJones 22/08/00 Disclaimer: I am not responsible for whatever you do with the knowledge you get from reading this advisorie. I am not telling you to go and post messages on sites that use PHP-nuke. Recently there was an advisory on bugtraq about An access validation error th...
Vuln. in all sites using PHP-Nuke, versions less than 3
Greetings, PHP-Nuke is a Web Portal System, storytelling software also an automated web site to distribute news and articles with users system. Exploit: ------- The problem is when somebody does a http://example.com/admin.php3?admin=whatever, can have full access as an admin, that means posting...
PHP-Nuke 1.02.5 - Administrative Privileges
PHP-Nuke 1.02.5 - Administrative Privileges source: https://www.securityfocus.com/bid/1592/info PHP-Nuke is a website creation/maintainence tool written in PHP3. It is possible to elevate priviliges in this system from normal user to administrator due to a flaw in authentication code. The problem...