CVE-2001-1025 in PHP-Nukeinfo

Summary

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Disclosure

08/31/2001

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-89 (Confirmed)

CVSS

9.8

EPSS

0.00073

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2001-1025
NVD	https://nvd.nist.gov/vuln/detail/CVE-2001-1025
CVE Details	https://www.cvedetails.com/cve/CVE-2001-1025/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!