What is the severity of CVE-2011-1482?

CVE-2011-1482 has a medium severity rating due to its potential for CSRF attacks on administrator functionalities.

How do I fix CVE-2011-1482?

To fix CVE-2011-1482, it's recommended to upgrade to a version of PHP-Nuke that is later than 8.0 which resolves the CSRF vulnerabilities.

What versions of PHP-Nuke are affected by CVE-2011-1482?

CVE-2011-1482 affects all versions of PHP-Nuke up to and including 8.0.

What type of attacks can CVE-2011-1482 enable?

CVE-2011-1482 enables remote attackers to perform CSRF attacks which can hijack the authentication of administrators.

Can I mitigate CVE-2011-1482 without upgrading PHP-Nuke?

Mitigation of CVE-2011-1482 without upgrading can be challenging; implementing CSRF tokens in requests can be a temporary workaround.

Vulnerability/
CVE-2011-1482

medium

6.8

CWE

352

21/6/2011

16/9/2024

CVE-2011-1482: CSRF

First published: Tue Jun 21 2011(Updated: )

Multiple cross-site request forgery (CSRF) vulnerabilities in mainfile.php in Francisco Burzi PHP-Nuke 8.0 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts or (2) grant the administrative privilege to a user account, related to a Referer check that uses a substring comparison.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
PHP-Nuke	=5.6
PHP-Nuke	=7.3
PHP-Nuke	=7.4
PHP-Nuke	=7.1
PHP-Nuke	=5.0.1
PHP-Nuke	=5.5
PHP-Nuke	=7.9
PHP-Nuke	=5.3
PHP-Nuke	=6.9
PHP-Nuke	=5.3.1
PHP-Nuke	=5.0
PHP-Nuke	=6.8
PHP-Nuke	=6.6
PHP-Nuke	=7.5
PHP-Nuke	=7.2
PHP-Nuke	=7.7
PHP-Nuke	<=8.0
PHP-Nuke	=5.2
PHP-Nuke	=7.8
PHP-Nuke	=6.0
PHP-Nuke	=6.7
PHP-Nuke	=7.0
PHP-Nuke	=6.5
PHP-Nuke	=5.1
PHP-Nuke	=7.6
PHP-Nuke	=5.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1482?
CVE-2011-1482 has a medium severity rating due to its potential for CSRF attacks on administrator functionalities.
How do I fix CVE-2011-1482?
To fix CVE-2011-1482, it's recommended to upgrade to a version of PHP-Nuke that is later than 8.0 which resolves the CSRF vulnerabilities.
What versions of PHP-Nuke are affected by CVE-2011-1482?
CVE-2011-1482 affects all versions of PHP-Nuke up to and including 8.0.
What type of attacks can CVE-2011-1482 enable?
CVE-2011-1482 enables remote attackers to perform CSRF attacks which can hijack the authentication of administrators.
Can I mitigate CVE-2011-1482 without upgrading PHP-Nuke?
Mitigation of CVE-2011-1482 without upgrading can be challenging; implementing CSRF tokens in requests can be a temporary workaround.

agent/references
agent/author
agent/type
agent/softwarecombine
agent/severity
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-api
vendor/phpnuke
canonical/php-nuke
version/php-nuke/5.6
version/php-nuke/7.3
version/php-nuke/7.4
version/php-nuke/7.1
version/php-nuke/5.0.1
version/php-nuke/5.5
version/php-nuke/7.9
version/php-nuke/5.3
version/php-nuke/6.9
version/php-nuke/5.3.1
version/php-nuke/5.0
version/php-nuke/6.8
version/php-nuke/6.6
version/php-nuke/7.5
version/php-nuke/7.2
version/php-nuke/7.7
version/php-nuke/8.0
version/php-nuke/5.2
version/php-nuke/7.8
version/php-nuke/6.0
version/php-nuke/6.7
version/php-nuke/7.0
version/php-nuke/6.5
version/php-nuke/5.1
version/php-nuke/7.6
version/php-nuke/5.4