Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0745

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2000-0745
Last Modified 05 Sep 2008 04:21:47
Published 20 Oct 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0745

Summary

admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd parameter.

Vulnerable Systems

Application

  • Francisco Burzi Php-nuke 1.0

  • Francisco Burzi Php-nuke 2.5


References

BID - 1592

BUGTRAQ - 20000821 Vuln. in all sites using PHP-Nuke, versions less than 3

OSVDB - 1521


Last Updated: 27 May 2016 10:35:51