CVE-2004-2044
PHP-Nuke 5.x/6.x/7.x - Direct Script Access Security Bypass
Severity Score
9.1
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-06-01 CVE Published
- 2004-06-01 First Exploit
- 2005-05-04 CVE Reserved
- 2024-08-08 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2004-06/0005.html | Mailing List | |
| http://archives.neohapsis.com/archives/bugtraq/2004-06/0006.html | Mailing List | |
| http://marc.info/?l=bugtraq&m=108611606320559&w=2 | Mailing List | |
| http://marc.info/?l=bugtraq&m=108611643614881&w=2 | Mailing List | |
| http://marc.info/?l=bugtraq&m=108662955105757&w=2 | Mailing List | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16294 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16296 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16297 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16298 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/24166 | 2004-06-01 | |
| http://www.securityfocus.com/bid/10447 | 2024-08-08 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/11766 | 2017-07-11 | |
| http://www.osvdb.org/6593 | 2017-07-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 5.0 Search vendor "Francisco Burzi" for product "Php-nuke" and version "5.0" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 5.0.1 Search vendor "Francisco Burzi" for product "Php-nuke" and version "5.0.1" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 5.1 Search vendor "Francisco Burzi" for product "Php-nuke" and version "5.1" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 5.2 Search vendor "Francisco Burzi" for product "Php-nuke" and version "5.2" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 5.2a Search vendor "Francisco Burzi" for product "Php-nuke" and version "5.2a" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 5.3.1 Search vendor "Francisco Burzi" for product "Php-nuke" and version "5.3.1" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 5.4 Search vendor "Francisco Burzi" for product "Php-nuke" and version "5.4" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 5.5 Search vendor "Francisco Burzi" for product "Php-nuke" and version "5.5" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 5.6 Search vendor "Francisco Burzi" for product "Php-nuke" and version "5.6" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 6.0 Search vendor "Francisco Burzi" for product "Php-nuke" and version "6.0" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 6.5 Search vendor "Francisco Burzi" for product "Php-nuke" and version "6.5" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 6.5_beta1 Search vendor "Francisco Burzi" for product "Php-nuke" and version "6.5_beta1" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 6.5_final Search vendor "Francisco Burzi" for product "Php-nuke" and version "6.5_final" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 6.5_rc1 Search vendor "Francisco Burzi" for product "Php-nuke" and version "6.5_rc1" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 6.5_rc2 Search vendor "Francisco Burzi" for product "Php-nuke" and version "6.5_rc2" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 6.5_rc3 Search vendor "Francisco Burzi" for product "Php-nuke" and version "6.5_rc3" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 6.6 Search vendor "Francisco Burzi" for product "Php-nuke" and version "6.6" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 6.7 Search vendor "Francisco Burzi" for product "Php-nuke" and version "6.7" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 6.9 Search vendor "Francisco Burzi" for product "Php-nuke" and version "6.9" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 7.0 Search vendor "Francisco Burzi" for product "Php-nuke" and version "7.0" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 7.0_final Search vendor "Francisco Burzi" for product "Php-nuke" and version "7.0_final" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 7.1 Search vendor "Francisco Burzi" for product "Php-nuke" and version "7.1" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 7.2 Search vendor "Francisco Burzi" for product "Php-nuke" and version "7.2" | - |
Affected
| ||||||
| Francisco Burzi Search vendor "Francisco Burzi" | Php-nuke Search vendor "Francisco Burzi" for product "Php-nuke" | 7.3 Search vendor "Francisco Burzi" for product "Php-nuke" and version "7.3" | - |
Affected
| ||||||
| Oscommerce Search vendor "Oscommerce" | Osc2nuke Search vendor "Oscommerce" for product "Osc2nuke" | 7x_1.0 Search vendor "Oscommerce" for product "Osc2nuke" and version "7x_1.0" | - |
Affected
| ||||||
| Paul Laudanski Search vendor "Paul Laudanski" | Betanc Php-nuke Search vendor "Paul Laudanski" for product "Betanc Php-nuke" | bundle Search vendor "Paul Laudanski" for product "Betanc Php-nuke" and version "bundle" | - |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 2.0 Search vendor "Trustix" for product "Secure Linux" and version "2.0" | - |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 2.1 Search vendor "Trustix" for product "Secure Linux" and version "2.1" | - |
Affected
| ||||||