CVE-2001-1025
First published: Fri Aug 31 2001(Updated: )
PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Francisco Burzi PHP-Nuke | =5.0 | |
| Francisco Burzi PHP-Nuke | =5.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/francisco burzi
- canonical/francisco burzi php-nuke
- version/francisco burzi php-nuke/5.0
- version/francisco burzi php-nuke/5.0.1