CVE-2000-0745
PHP-Nuke - Unauthenticated Privilege Escalation via Missing Parameter Validation
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2000-0745. PoCs published by bruj0.
AI-analyzed exploit summary The exploit describes an authentication bypass vulnerability in PHP-Nuke due to improper handling of database query results. By supplying an empty password, an attacker can bypass authentication and gain administrative privileges.
Description
admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd parameter.
Exploits (1)
The exploit describes an authentication bypass vulnerability in PHP-Nuke due to improper handling of database query results. By supplying an empty password, an attacker can bypass authentication and gain administrative privileges.