ID

VAR-200412-0931


CVE

CVE-2004-2018


TITLE

PHP-Nuke modpath Parameter File Inclusion Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200412-315

DESCRIPTION

PHP remote file inclusion vulnerability in index.php in PHP-Nuke 6.x through 7.3 allows remote attackers to execute arbitrary PHP code by modifying the modpath parameter to reference a URL on a remote web server that contains the code.

PHP-Nuke is prone to a potential file include vulnerability. This issue could allow a remote attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. This issue can be exploited via the 'modpath' parameter. If successful, the malicious script supplied by the attacker will be executed in the context of the web server hosting the vulnerable software.

PHP-Nuke is a popular website creation and management tool. It can use many database systems as a backend, such as MySQL, PostgreSQL, mSQL, Interbase, Sybase, etc. There is a file inclusion problem in PHP-Nuke. A remote attacker can use this vulnerability to view the content of any file in the system with the authority of the web process. PHP-Nuke lacks filtering for the data submitted by users to the 'modpath' parameter.

Trust: 1.26

sources: NVD: CVE-2004-2018 // BID: 10365 // VULHUB: VHN-10446

AFFECTED PRODUCTS

vendor: francisco burzi | model: php-nuke | scope: eq | version: 6.7

Trust: 1.6

vendor: francisco burzi | model: php-nuke | scope: eq | version: 7.0

Trust: 1.6

vendor: francisco burzi | model: php-nuke | scope: eq | version: 7.2

Trust: 1.6

vendor: francisco burzi | model: php-nuke | scope: eq | version: 6.0

Trust: 1.6

vendor: francisco burzi | model: php-nuke | scope: eq | version: 7.3

Trust: 1.6

vendor: francisco burzi | model: php-nuke | scope: eq | version: 6.5

Trust: 1.6

vendor: francisco burzi | model: php-nuke | scope: eq | version: 6.5_beta1

Trust: 1.6

vendor: francisco burzi | model: php-nuke | scope: eq | version: 7.1

Trust: 1.6

vendor: francisco burzi | model: php-nuke | scope: eq | version: 6.9

Trust: 1.6

vendor: francisco burzi | model: php-nuke | scope: eq | version: 7.0_final

Trust: 1.6

vendor: francisco burzi | model: php-nuke | scope: eq | version: 6.5_rc3

Trust: 1.0

vendor: francisco burzi | model: php-nuke | scope: eq | version: 6.5_rc2

Trust: 1.0

vendor: francisco burzi | model: php-nuke | scope: eq | version: 6.5_final

Trust: 1.0

vendor: francisco burzi | model: php-nuke | scope: eq | version: 6.5_rc1

Trust: 1.0

vendor: francisco burzi | model: php-nuke | scope: eq | version: 6.6

Trust: 1.0

vendor: francisco | model: burzi php-nuke | scope: eq | version: 7.3

Trust: 0.3

vendor: francisco | model: burzi php-nuke | scope: eq | version: 7.2

Trust: 0.3

vendor: francisco | model: burzi php-nuke | scope: eq | version: 7.1

Trust: 0.3

vendor: francisco | model: burzi php-nuke final | scope: eq | version: 7.0

Trust: 0.3

vendor: francisco | model: burzi php-nuke | scope: eq | version: 7.0

Trust: 0.3

vendor: francisco | model: burzi php-nuke | scope: eq | version: 6.9

Trust: 0.3

vendor: francisco | model: burzi php-nuke | scope: eq | version: 6.7

Trust: 0.3

vendor: francisco | model: burzi php-nuke | scope: eq | version: 6.6

Trust: 0.3

vendor: francisco | model: burzi php-nuke rc3 | scope: eq | version: 6.5

Trust: 0.3

vendor: francisco | model: burzi php-nuke rc2 | scope: eq | version: 6.5

Trust: 0.3

vendor: francisco | model: burzi php-nuke rc1 | scope: eq | version: 6.5

Trust: 0.3

vendor: francisco | model: burzi php-nuke final | scope: eq | version: 6.5

Trust: 0.3

vendor: francisco | model: burzi php-nuke beta | scope: eq | version: 6.51

Trust: 0.3

vendor: francisco | model: burzi php-nuke | scope: eq | version: 6.5

Trust: 0.3

vendor: francisco | model: burzi php-nuke | scope: eq | version: 6.0

Trust: 0.3

sources: BID: 10365 // CNNVD: CNNVD-200412-315 // NVD: CVE-2004-2018

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-2018
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200412-315
value: HIGH

Trust: 0.6

VULHUB: VHN-10446
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-2018
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-10446
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-10446 // CNNVD: CNNVD-200412-315 // NVD: CVE-2004-2018

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-2018

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-315

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200412-315

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-10446

EXTERNAL IDS

db: BID | id: 10365

Trust: 2.0

db: OSVDB | id: 6222

Trust: 1.7

db: NVD | id: CVE-2004-2018

Trust: 1.7

db: SECUNIA | id: 11625

Trust: 1.7

db: CNNVD | id: CNNVD-200412-315

Trust: 0.7

db: BUGTRAQ | id: 20040517 [WARAXE-2004-SA#029 - POSSIBLE REMOTE FILE INCLUSION IN PHPNUKE 6.X - 7.3]

Trust: 0.6

db: XF | id: 16218

Trust: 0.6

db: NSFOCUS | id: 6458

Trust: 0.6

db: FULLDISC | id: 20040517 [WARAXE-2004-SA#029 - POSSIBLE REMOTE FILE INCLUSION IN PHPNUKE 6.X - 7.3]

Trust: 0.6

db: EXPLOIT-DB | id: 24127

Trust: 0.1

db: SEEBUG | id: SSVID-77863

Trust: 0.1

db: VULHUB | id: VHN-10446

Trust: 0.1

sources: VULHUB: VHN-10446 // BID: 10365 // CNNVD: CNNVD-200412-315 // NVD: CVE-2004-2018

REFERENCES

url:http://www.securityfocus.com/bid/10365

Trust: 1.7

url:http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0870.html

Trust: 1.7

url:http://www.osvdb.org/6222

Trust: 1.7

url:http://secunia.com/advisories/11625

Trust: 1.7

url:http://www.waraxe.us/index.php?modname=sa&id=29

Trust: 1.6

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16218

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=108482888621896&w=2

Trust: 1.0

url:http://xforce.iss.net/xforce/xfdb/16218

Trust: 0.6

url:http://marc.theaimsgroup.com/?l=bugtraq&m=108482888621896&w=2

Trust: 0.6

url:http://www.nsfocus.net/vulndb/6458

Trust: 0.6

url:http://www.irannuke.com/

Trust: 0.3

url:http://marc.info/?l=bugtraq&m=108482888621896&w=2

Trust: 0.1

url:http://www.waraxe.us/index.php?modname=sa&id=29

Trust: 0.1

sources: VULHUB: VHN-10446 // BID: 10365 // CNNVD: CNNVD-200412-315 // NVD: CVE-2004-2018

CREDITS

Janek Vind (waraxe), come2waraxe@yahoo.com

Trust: 0.6

sources: CNNVD: CNNVD-200412-315

SOURCES

db: VULHUB | id: VHN-10446
db: BID | id: 10365
db: CNNVD | id: CNNVD-200412-315
db: NVD | id: CVE-2004-2018

LAST UPDATE DATE

2024-08-14T13:40:15.857000+00:00


SOURCES UPDATE DATE

db: VULHUB | id: VHN-10446 | date: 2017-07-11T00:00:00
db: BID | id: 10365 | date: 2004-05-17T00:00:00
db: CNNVD | id: CNNVD-200412-315 | date: 2006-09-28T00:00:00
db: NVD | id: CVE-2004-2018 | date: 2017-07-11T01:31:33.357

SOURCES RELEASE DATE

db: VULHUB | id: VHN-10446 | date: 2004-12-31T00:00:00
db: BID | id: 10365 | date: 2004-05-17T00:00:00
db: CNNVD | id: CNNVD-200412-315 | date: 2004-05-17T00:00:00
db: NVD | id: CVE-2004-2018 | date: 2004-12-31T05:00:00