← Back

CVE-2001-0911

nvd nist
Published: Nov 21, 2001Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote attackers to gain privileges by stealing or sniffing the cookie and decoding it.

Affected (4)

Francisco Burzi
1 product
Php Nuke
Postnuke Software Foundation
1 product
Postnuke
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Francisco Burzi
Php Nuke
Version 5.1
Php Nuke
Version 5.2
Php Nuke
Version 5.3.1
Postnuke
Version 0.64

References (6)

Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.