Phpnuke: >> Php-Nuke >> 7.0 Security Vulnerabilities
PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct request to (1) index.php with the forum_admin parameter set, (2) the Surveys module, or (3) the Your_Account module, which reveals the path in a PHP error message.
CVSS Score
5.0
EPSS Score
0.003
Published
2005-05-02
Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php.
CVSS Score
8.8
EPSS Score
0.006
Published
2004-12-31
Network Tools 0.2 for PHP-Nuke allows remote attackers to execute commands on the server via shell metacharacters in the $hostinput variable.
CVSS Score
7.5
EPSS Score
0.044
Published
2001-11-16
Page 3