CVE-2001-1025

Published: Aug 31, 2001Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.

Affected (2)

Products: Francisco Burzi: Php Nuke

Francisco Burzi

1 product

Php Nuke

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Francisco Burzi Php Nuke	Version 5.0.1
Francisco Burzi Php Nuke	Version 5.0

References (4)

http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0019.html

Source: cve@mitre.org

ExploitVendor Advisory

http://www.securityfocus.com/bid/3149

Source: cve@mitre.org

ExploitVendor Advisory

http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0019.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://www.securityfocus.com/bid/3149

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

Timeline

No history available yet.