Exploitation Summary
EIP tracks 1 public exploit for CVE-2001-0899. PoCs published by Cabezon Aurélien.
AI-analyzed exploit summary The writeup describes a command injection vulnerability in the Network Tool PHPNuke addon, where metacharacters in user input are not properly filtered, allowing arbitrary command execution with the privileges of the web server.
Description
Network Tools 0.2 for PHP-Nuke allows remote attackers to execute commands on the server via shell metacharacters in the $hostinput variable.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Cabezon Aurélien · textremotephp
https://www.exploit-db.com/exploits/21155
The writeup describes a command injection vulnerability in the Network Tool PHPNuke addon, where metacharacters in user input are not properly filtered, allowing arbitrary command execution with the privileges of the web server.
Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:
Network Tool (PHPNuke addon)
No auth needed
Prerequisites:
Access to the vulnerable PHPNuke addon interface
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Patch x_refsource_confirm
http://phpnukerz.org/modules.php?name=Downloads&d_op=viewsdownload&sid=32
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7578
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=100593523104176&w=2
Scores
EPSS
0.0891
EPSS Percentile
94.6%
Details
Status
published
Products (2)
phpnuke/php-nuke
rick_fournier/network_tools
0.2
Published
Nov 16, 2001
Tracked Since
Feb 18, 2026