index.php in Francisco Burzi PHP-Nuke 5.3.1 and previous versions, and possibly other versions prior to 5.5, allows remote malicious users to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
francisco burzi php-nuke 1.0 |
||
francisco burzi php-nuke 5.0.1 |
||
francisco burzi php-nuke 5.1 |
||
francisco burzi php-nuke 4.3 |
||
francisco burzi php-nuke 4.4 |
||
francisco burzi php-nuke 5.3.1 |
||
francisco burzi php-nuke 4.4.1a |
||
francisco burzi php-nuke 5.0 |
||
francisco burzi php-nuke 2.5 |
||
francisco burzi php-nuke 3.0 |
||
francisco burzi php-nuke 4.0 |
||
francisco burzi php-nuke 5.2 |
||
francisco burzi php-nuke 5.2a |
Vulmon