Sign-up

ID

VAR-200105-0067


CVE

CVE-2001-0321


TITLE

PHP-Nuke opendir.php Remote directory traversal vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200105-063

DESCRIPTION

opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter. PHP-Nuke is prone to a remote security vulnerability. PHP-Nuke is a popular website development and management tool. PHP-Nuke's opendir.php script implementation has an input validation vulnerability. < *Link: http://www.iss.net/security_center/static/6512.php* >

Trust: 1.26

sources: NVD: CVE-2001-0321 // BID: 88787 // VULHUB: VHN-3143

AFFECTED PRODUCTS

vendor:francisco burzimodel:php-nukescope:eqversion:8.0_final

Trust: 1.6

vendor:franciscomodel:burzi php-nuke finalscope:eqversion:8.0

Trust: 0.3

sources: BID: 88787 // CNNVD: CNNVD-200105-063 // NVD: CVE-2001-0321

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2001-0321
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200105-063
value: MEDIUM

Trust: 0.6

VULHUB: VHN-3143
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2001-0321
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-3143
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-3143 // CNNVD: CNNVD-200105-063 // NVD: CVE-2001-0321

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-0321

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200105-063

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200105-063

EXTERNAL IDS

db:NVDid:CVE-2001-0321

Trust: 2.0

db:XFid:6512

Trust: 0.9

db:CNNVDid:CNNVD-200105-063

Trust: 0.7

db:BUGTRAQid:20010212 FWD: RE: PHPNUKE, SECURITY PROBLEM...

Trust: 0.6

db:BIDid:88787

Trust: 0.4

db:VULHUBid:VHN-3143

Trust: 0.1

sources: VULHUB: VHN-3143 // BID: 88787 // CNNVD: CNNVD-200105-063 // NVD: CVE-2001-0321

REFERENCES

url:http://archives.neohapsis.com/archives/bugtraq/2001-02/0214.html

Trust: 2.0

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/6512

Trust: 1.1

url:http://xforce.iss.net/static/6512.php

Trust: 0.9

url:http://www.phpnuke.org

Trust: 0.3

sources: VULHUB: VHN-3143 // BID: 88787 // CNNVD: CNNVD-200105-063 // NVD: CVE-2001-0321

CREDITS

Unknown

Trust: 0.3

sources: BID: 88787

SOURCES

db:VULHUBid:VHN-3143
db:BIDid:88787
db:CNNVDid:CNNVD-200105-063
db:NVDid:CVE-2001-0321

LAST UPDATE DATE

2024-08-14T14:48:20.669000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-3143date:2017-10-10T00:00:00
db:BIDid:88787date:2001-05-03T00:00:00
db:CNNVDid:CNNVD-200105-063date:2005-05-02T00:00:00
db:NVDid:CVE-2001-0321date:2017-10-10T01:29:40.843

SOURCES RELEASE DATE

db:VULHUBid:VHN-3143date:2001-05-03T00:00:00
db:BIDid:88787date:2001-05-03T00:00:00
db:CNNVDid:CNNVD-200105-063date:2001-02-15T00:00:00
db:NVDid:CVE-2001-0321date:2001-05-03T04:00:00