CVE-2001-1025

High

10/10

Summary

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: COMPLETE
Confidentiality Impact: COMPLETE
Availability Impact: COMPLETE

References

Advisory Timeline

Published Aug 31, 2001

CVE-2001-1025

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS