CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-1025

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.7%

CVSS Severity

CVSS v2 Score 10.0

References

http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0019.html
http://www.securityfocus.com/bid/3149
http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0019.html
http://www.securityfocus.com/bid/3149

Products affected by CVE-2001-1025

Francisco Burzi » Php-Nuke » Version: 5.0

cpe:2.3:a:francisco_burzi:php-nuke:5.0
Francisco Burzi » Php-Nuke » Version: 5.0.1

cpe:2.3:a:francisco_burzi:php-nuke:5.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-1025

Products

Pricing

Contact Us