PHP-Nuke 6.0 – ‘modules.php’ Denial of Service

PHP-Nuke 6.0 – ‘modules.php’ Denial of Service

漏洞ID 1053668 漏洞类型
发布时间 2002-12-23 更新时间 2002-12-23
图片[1]-PHP-Nuke 6.0 – ‘modules.php’ Denial of Service-安全小百科CVE编号 N/A
图片[2]-PHP-Nuke 6.0 – ‘modules.php’ Denial of Service-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22110
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/6465/info

A denial of service vulnerability has been reported for the modules.php script used by PHP-Nuke. The vulnerability occurs because the modules.php script does not properly validate some URI parameters.

An attacker can exploit this vulnerability by modifying certain parameters when making a request for the modules.php script. This will prevent visitors to the site hosting PHP-Nuke from creating a new account thereby leading to a denial of service vulnerability. 

http://target.com/modules.php?name=Your_Account&op=userinfo&uname=

相关推荐: Microsoft IIS HTTP Redirect Cross Site Scripting Vulnerability

Microsoft IIS HTTP Redirect Cross Site Scripting Vulnerability 漏洞ID 1102262 漏洞类型 Input Validation Error 发布时间 2002-04-10 更新时间 2002-…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享