CVE-2001-0320
Summary
bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and .. (dot dot) sequences into a malformed username argument.
- LOW
- NETWORK
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
References
Advisory Timeline
- Published