PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2002-02-02T05:00:00
Updated: 2024-08-08T04:44:06.627Z
Reserved: 2002-01-31T00:00:00
Link: CVE-2001-1025
Vulnrichment
No data.
NVD
Status : Modified
Published: 2001-08-31T04:00:00.000
Modified: 2024-11-20T23:36:41.620
Link: CVE-2001-1025
Redhat
No data.