Postnuke Software Foundation : Security Vulnerabilities, CVEs, Published In 2001 CVSS score >= 7
PHP-Nuke 5.1 stores user and administrator passwords in a base-64 encoded cookie, which could allow remote attackers to gain privileges by stealing or sniffing the cookie and decoding it.
Max CVSS
7.5
EPSS Score
1.14%
Published
2001-11-21
Updated
2017-12-19
SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter.
Max CVSS
7.5
EPSS Score
0.28%
Published
2001-10-13
Updated
2017-07-11
2 vulnerabilities found