PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote malicious users to gain privileges by stealing or sniffing the cookie and decoding it.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
francisco burzi php-nuke 5.1 |
||
francisco burzi php-nuke 5.2 |
||
francisco burzi php-nuke 5.3.1 |
||
postnuke software foundation postnuke 0.64 |