Php-nuke@6.5 final Security Vulnerabilities and Issues — Php-nuke@6.5 final CVE List

Lucene search

Francisco BurziPhp-nuke6.5 final

2 matches found

cve•added 2007/10/24 11:0 p.m.•38 views

CVE-2003-1468

The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full web server path via an invalid cid parameter that is non-numeric or null, which leaks the pathname in an error message.

4.3CVSS7.1AI score0.00027EPSS

cve•added 2007/09/21 7:17 p.m.•36 views

CVE-2007-5032

Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.

5.1CVSS6.9AI score0.00014EPSS