CVE-2001-1025

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:francisco_burzi:php-nuke:5.0:*:*:*:*:*:*:*
cpe:2.3:a:francisco_burzi:php-nuke:5.0.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2001-08-31 04:00

Updated : 2024-02-04 16:31


NVD link : CVE-2001-1025

Mitre link : CVE-2001-1025

CVE.ORG link : CVE-2001-1025


JSON object : View

Products Affected

francisco_burzi

  • php-nuke