Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.11236
Category:CGI abuses
Title:PHP-Nuke is installed on the remote host
Summary:NOSUMMARY
Description:Description:

The remote host is running a copy of PHP-Nuke.

Given the insecurity history of this package, the Nessus
team recommends that you do not use it but
use something else instead, as security was clearly
not in the mind of the persons who wrote it.

The author of PHP-Nuke (Francisco Burzi) even started to rewrite
the program from scratch, given the huge number of vulnerabilities
(http://www.phpnuke.org/modules.php?name=News&file=article&sid=5640)

Solution : De-install this package and use something else
Risk factor : High

Cross-Ref: BugTraq ID: 6446
BugTraq ID: 6465
BugTraq ID: 6503
BugTraq ID: 6750
BugTraq ID: 6887
BugTraq ID: 6890
BugTraq ID: 7031
BugTraq ID: 7060
BugTraq ID: 7078
BugTraq ID: 7079
Common Vulnerability Exposure (CVE) ID: CVE-2001-0292
Bugtraq: 20010302 PHPNUKE4.4.1a Advisory (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2001-02/0525.html
Common Vulnerability Exposure (CVE) ID: CVE-2001-0320
Bugtraq: 20010223 Yet another hole in PHP-Nuke (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2001-02/0425.html
Common Vulnerability Exposure (CVE) ID: CVE-2001-0854
BugTraq ID: 3510
http://www.securityfocus.com/bid/3510
Bugtraq: 20011105 Copying and Deleting Files Using PHP-Nuke (Google Search)
http://marc.info/?l=bugtraq&m=100525739116093&w=2
http://www.iss.net/security_center/static/7478.php
Common Vulnerability Exposure (CVE) ID: CVE-2001-0911
BugTraq ID: 3567
http://www.securityfocus.com/bid/3567
Bugtraq: 20011121 PhpNuke Admin password can be stolen ! (Google Search)
http://marc.info/?l=bugtraq&m=100638850219503&w=2
XForce ISS Database: phpnuke-postnuke-insecure-passwords(7596)
https://exchange.xforce.ibmcloud.com/vulnerabilities/7596
Common Vulnerability Exposure (CVE) ID: CVE-2001-1025
BugTraq ID: 3149
http://www.securityfocus.com/bid/3149
http://archives.neohapsis.com/archives/vulnwatch/2001-q3/0019.html
Common Vulnerability Exposure (CVE) ID: CVE-2002-0206
BugTraq ID: 3889
http://www.securityfocus.com/bid/3889
Bugtraq: 20020116 PHP-Nuke allows Command Execution & Much more (Google Search)
http://marc.info/?l=bugtraq&m=101121913914205&w=2
CERT/CC vulnerability note: VU#221683
http://www.kb.cert.org/vuls/id/221683
XForce ISS Database: phpnuke-index-command-execution(7914)
https://exchange.xforce.ibmcloud.com/vulnerabilities/7914
Common Vulnerability Exposure (CVE) ID: CVE-2002-0483
BugTraq ID: 4333
http://www.securityfocus.com/bid/4333
Bugtraq: 20020320 Fw: PHPNuke 5.4 Path Disclosure Vulnerability? (Google Search)
http://online.securityfocus.com/archive/1/263337
http://www.iss.net/security_center/static/8618.php
Common Vulnerability Exposure (CVE) ID: CVE-2002-1242
BugTraq ID: 6088
http://www.securityfocus.com/bid/6088
Bugtraq: 20021101 iDEFENSE Security Advisory 10.31.02c: PHP-Nuke SQL Injection Vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=103616324103171&w=2
http://www.idefense.com/advisory/10.31.02c.txt
http://www.osvdb.org/6244
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0051.html
http://www.iss.net/security_center/static/10516.php
CopyrightThis script is Copyright (C) 2003 Renaud Deraison

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.