Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1032


Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1032
Last Modified 05 Sep 2008 04:25:31
Published 24 Sep 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload parameter and specifying the file to copy.

Vulnerable Systems


  • Francisco Burzi Php-nuke 5.2


XF - php-nuke-admin-file-overwrite(7170)


BUGTRAQ - 20010924 twlc advisory: all versions of php nuke are vulnerable...

BID - 3361

Last Updated: 27 May 2016 10:36:30