Vulnerability Details CVE-2002-0206
index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly other versions before 5.5, allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=101121913914205&w=2
- http://www.kb.cert.org/vuls/id/221683
- http://www.securityfocus.com/bid/3889
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7914
- http://marc.info/?l=bugtraq&m=101121913914205&w=2
- http://www.kb.cert.org/vuls/id/221683
- http://www.securityfocus.com/bid/3889
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7914
Products affected by CVE-2002-0206
-
cpe:2.3:a:francisco_burzi:php-nuke:1.0
-
cpe:2.3:a:francisco_burzi:php-nuke:2.5
-
cpe:2.3:a:francisco_burzi:php-nuke:3.0
-
cpe:2.3:a:francisco_burzi:php-nuke:4.0
-
cpe:2.3:a:francisco_burzi:php-nuke:4.3
-
cpe:2.3:a:francisco_burzi:php-nuke:4.4
-
cpe:2.3:a:francisco_burzi:php-nuke:4.4.1a
-
cpe:2.3:a:francisco_burzi:php-nuke:5.0
-
cpe:2.3:a:francisco_burzi:php-nuke:5.0.1
-
cpe:2.3:a:francisco_burzi:php-nuke:5.1
-
cpe:2.3:a:francisco_burzi:php-nuke:5.2
-
cpe:2.3:a:francisco_burzi:php-nuke:5.2a
-
cpe:2.3:a:francisco_burzi:php-nuke:5.3.1