Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5032

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2007-5032
Last Modified 15 Nov 2008 01:59:27
Published 21 Sep 2007 03:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2007-5032

Summary

Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.

Vulnerable Systems

Application

  • Francisco Burzi Php-nuke 1.0

  • Francisco Burzi Php-nuke 2.5

  • Francisco Burzi Php-nuke 3.0

  • Francisco Burzi Php-nuke 4.0

  • Francisco Burzi Php-nuke 4.0.4

  • Francisco Burzi Php-nuke 4.3

  • Francisco Burzi Php-nuke 4.4

  • Francisco Burzi Php-nuke 4.4.1a

  • Francisco Burzi Php-nuke 5.0

  • Francisco Burzi Php-nuke 5.0.1

  • Francisco Burzi Php-nuke 5.1

  • Francisco Burzi Php-nuke 5.2

  • Francisco Burzi Php-nuke 5.2a

  • Francisco Burzi Php-nuke 5.3.1

  • Francisco Burzi Php-nuke 5.4

  • Francisco Burzi Php-nuke 5.5

  • Francisco Burzi Php-nuke 5.6

  • Francisco Burzi Php-nuke 6.0

  • Francisco Burzi Php-nuke 6.5

  • Francisco Burzi Php-nuke 6.5 Beta1

  • Francisco Burzi Php-nuke 6.5 Final

  • Francisco Burzi Php-nuke 6.5 Rc1

  • Francisco Burzi Php-nuke 6.5 Rc2

  • Francisco Burzi Php-nuke 6.5 Rc3

  • Francisco Burzi Php-nuke 6.6

  • Francisco Burzi Php-nuke 6.7

  • Francisco Burzi Php-nuke 6.8

  • Francisco Burzi Php-nuke 6.9

  • Francisco Burzi Php-nuke 7.0

  • Francisco Burzi Php-nuke 7.0 Final

  • Francisco Burzi Php-nuke 7.1

  • Francisco Burzi Php-nuke 7.2

  • Francisco Burzi Php-nuke 7.3

  • Francisco Burzi Php-nuke 7.4

  • Francisco Burzi Php-nuke 7.5

  • Francisco Burzi Php-nuke 7.6

  • Francisco Burzi Php-nuke 7.7

  • Francisco Burzi Php-nuke 7.8

  • Francisco Burzi Php-nuke 7.8 Patched 3.2

  • Francisco Burzi Php-nuke 7.9

  • Francisco Burzi Php-nuke 8.0 Final


References

BUGTRAQ - 20070920 PHP-Nuke add admin ALL Versions

OSVDB - 42521

SREASON - 3157


Last Updated: 27 May 2016 10:46:02