Vulnerability Details CVE-2004-1842
Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- http://marc.info/?l=bugtraq&m=108006309112075&w=2
- http://secunia.com/advisories/11195
- http://www.securityfocus.com/bid/9895
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15596
- http://marc.info/?l=bugtraq&m=108006309112075&w=2
- http://secunia.com/advisories/11195
- http://www.securityfocus.com/bid/9895
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15596
Products affected by CVE-2004-1842
-
cpe:2.3:a:phpnuke:php-nuke:6.0
-
cpe:2.3:a:phpnuke:php-nuke:6.5
-
cpe:2.3:a:phpnuke:php-nuke:6.6
-
cpe:2.3:a:phpnuke:php-nuke:6.7
-
cpe:2.3:a:phpnuke:php-nuke:6.8
-
cpe:2.3:a:phpnuke:php-nuke:6.9
-
cpe:2.3:a:phpnuke:php-nuke:7.0
-
cpe:2.3:a:phpnuke:php-nuke:7.1