CVE-2006-0805

php-Nuke 6.0-7.9 - Auth Bypass

Description

The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed challenge/response pairs that only vary once per day based on the User Agent (HTTP_USER_AGENT), which allows remote attackers to bypass CAPTCHA controls by fixing the User Agent, performing a valid challenge/response, then replaying that pair in the random_num and gfx_check parameters.

Exploits (1)

exploitdb WORKING POC VERIFIED
by waraxe · html · webapps · php
https://www.exploit-db.com/exploits/27249

Scores

EPSS 0.0176
EPSS Percentile 82.7%

Details

Status published
Products (21)
francisco_burzi/php-nuke 6.0
francisco_burzi/php-nuke 6.5
francisco_burzi/php-nuke 6.5_beta1
francisco_burzi/php-nuke 6.5_final
francisco_burzi/php-nuke 6.5_rc1
francisco_burzi/php-nuke 6.5_rc2
francisco_burzi/php-nuke 6.5_rc3
francisco_burzi/php-nuke 6.6
francisco_burzi/php-nuke 6.7
francisco_burzi/php-nuke 6.9
... and 11 more
Published Feb 21, 2006
Tracked Since Feb 18, 2026