admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote malicious users to gain privileges by requesting a URL that does not specify the aid or pwd parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
francisco burzi php-nuke 2.5 |
||
francisco burzi php-nuke 1.0 |