Vulnerabilities > Francisco Burzi > PHP Nuke > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-12-06 | CVE-2001-0854 | Unspecified vulnerability in Francisco Burzi PHP-Nuke 5.2 PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user. | 5.0 |
| 2001-06-18 | CVE-2001-0383 | Remote Ad Banner URL Change vulnerability in PHP Nuke banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication. | 5.0 |
| 2001-05-03 | CVE-2001-0321 | Remote Security vulnerability in Francisco Burzi PHP-Nuke 8.0Final opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter. | 5.0 |