CVE-2004-2044 : Detail

PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string.

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 24166

Publication date : 2004-05-31 22h00 +00:00
Author : Squid
EDB Verified : Yes

Products Mentioned

Configuraton 0

Francisco_burzi>>Php-nuke >> Version 5.0

Francisco_burzi>>Php-nuke >> Version 5.0.1

Francisco_burzi>>Php-nuke >> Version 5.1

Francisco_burzi>>Php-nuke >> Version 5.2

Francisco_burzi>>Php-nuke >> Version 5.2a

Francisco_burzi>>Php-nuke >> Version 5.3.1

Francisco_burzi>>Php-nuke >> Version 5.4

Francisco_burzi>>Php-nuke >> Version 5.5

Francisco_burzi>>Php-nuke >> Version 5.6

Francisco_burzi>>Php-nuke >> Version 6.0

Francisco_burzi>>Php-nuke >> Version 6.5

Francisco_burzi>>Php-nuke >> Version 6.5_beta1

Francisco_burzi>>Php-nuke >> Version 6.5_final

Francisco_burzi>>Php-nuke >> Version 6.5_rc1

Francisco_burzi>>Php-nuke >> Version 6.5_rc2

Francisco_burzi>>Php-nuke >> Version 6.5_rc3

Francisco_burzi>>Php-nuke >> Version 6.6

Francisco_burzi>>Php-nuke >> Version 6.7

Francisco_burzi>>Php-nuke >> Version 6.9

Francisco_burzi>>Php-nuke >> Version 7.0

Francisco_burzi>>Php-nuke >> Version 7.0_final

Francisco_burzi>>Php-nuke >> Version 7.1

Francisco_burzi>>Php-nuke >> Version 7.2

Francisco_burzi>>Php-nuke >> Version 7.3

Oscommerce>>Osc2nuke >> Version 7x_1.0

Paul_laudanski>>Betanc_php-nuke >> Version bundle

Configuraton 0

Trustix>>Secure_linux >> Version 2.0

Trustix>>Secure_linux >> Version 2.1

References