What is the severity of CVE-2007-5032?

CVE-2007-5032 is classified as a medium-severity vulnerability due to its potential to allow unauthorized administrative account creation.

How do I fix CVE-2007-5032?

To fix CVE-2007-5032, update PHP-Nuke to a version that has patched the CSRF vulnerability.

What type of attack does CVE-2007-5032 enable?

CVE-2007-5032 enables a cross-site request forgery (CSRF) attack that allows attackers to gain unauthorized administrative access.

Can all versions of PHP-Nuke be affected by CVE-2007-5032?

Yes, CVE-2007-5032 affects multiple versions of PHP-Nuke up to version 8.0_final, as it exploits the vulnerabilities present in those versions.

What parameters are exploited in CVE-2007-5032?

CVE-2007-5032 specifically exploits the add_name and add_radminsuper parameters in the admin.php file.

Vulnerability/
CVE-2007-5032

medium

5.1

CWE

352

21/9/2007

15/10/2018

CVE-2007-5032: CSRF

First published: Fri Sep 21 2007(Updated: )

Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
PHP-Nuke	<=1.0
PHP-Nuke	<=7.4
PHP-Nuke	<=5.2a
PHP-Nuke	<=4.3
PHP-Nuke	<=6.7
PHP-Nuke	<=8.0_final
PHP-Nuke	<=6.0
PHP-Nuke	<=7.8
PHP-Nuke	<=5.6
PHP-Nuke	<=7.1
PHP-Nuke	<=7.2
PHP-Nuke	<=6.5_rc2
PHP-Nuke	<=4.4.1a
PHP-Nuke	<=5.2
PHP-Nuke	<=7.0_final
PHP-Nuke	<=6.5_final
PHP-Nuke	<=7.8_patched_3.2
PHP-Nuke	<=4.0.4
PHP-Nuke	<=7.5
PHP-Nuke	<=5.5
PHP-Nuke	<=6.9
PHP-Nuke	<=4.0
PHP-Nuke	<=7.3
PHP-Nuke	<=6.8
PHP-Nuke	<=5.0
PHP-Nuke	<=7.7
PHP-Nuke	<=2.5
PHP-Nuke	<=6.6
PHP-Nuke	<=6.5_beta1
PHP-Nuke	<=6.5_rc1
PHP-Nuke	<=3.0
PHP-Nuke	<=7.0
PHP-Nuke	<=6.5
PHP-Nuke	<=5.0.1
PHP-Nuke	<=7.9
PHP-Nuke	<=5.4
PHP-Nuke	<=6.5_rc3
PHP-Nuke	<=4.4
PHP-Nuke	<=7.6
PHP-Nuke	<=5.1
PHP-Nuke	<=5.3.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-5032?
CVE-2007-5032 is classified as a medium-severity vulnerability due to its potential to allow unauthorized administrative account creation.
How do I fix CVE-2007-5032?
To fix CVE-2007-5032, update PHP-Nuke to a version that has patched the CSRF vulnerability.
What type of attack does CVE-2007-5032 enable?
CVE-2007-5032 enables a cross-site request forgery (CSRF) attack that allows attackers to gain unauthorized administrative access.
Can all versions of PHP-Nuke be affected by CVE-2007-5032?
Yes, CVE-2007-5032 affects multiple versions of PHP-Nuke up to version 8.0_final, as it exploits the vulnerabilities present in those versions.
What parameters are exploited in CVE-2007-5032?
CVE-2007-5032 specifically exploits the add_name and add_radminsuper parameters in the admin.php file.

agent/type
agent/event
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/references
agent/severity
agent/author
agent/weakness
agent/description
vendor/francisco burzi
canonical/php-nuke
version/php-nuke/1.0
version/php-nuke/7.4
version/php-nuke/5.2a
version/php-nuke/4.3
version/php-nuke/6.7
version/php-nuke/8.0_final
version/php-nuke/6.0
version/php-nuke/7.8
version/php-nuke/5.6
version/php-nuke/7.1
version/php-nuke/7.2
version/php-nuke/6.5_rc2
version/php-nuke/4.4.1a
version/php-nuke/5.2
version/php-nuke/7.0_final
version/php-nuke/6.5_final
version/php-nuke/7.8_patched_3.2
version/php-nuke/4.0.4
version/php-nuke/7.5
version/php-nuke/5.5
version/php-nuke/6.9
version/php-nuke/4.0
version/php-nuke/7.3
version/php-nuke/6.8
version/php-nuke/5.0
version/php-nuke/7.7
version/php-nuke/2.5
version/php-nuke/6.6
version/php-nuke/6.5_beta1
version/php-nuke/6.5_rc1
version/php-nuke/3.0
version/php-nuke/7.0
version/php-nuke/6.5
version/php-nuke/5.0.1
version/php-nuke/7.9
version/php-nuke/5.4
version/php-nuke/6.5_rc3
version/php-nuke/4.4
version/php-nuke/7.6
version/php-nuke/5.1
version/php-nuke/5.3.1