7 lines
No EOL
592 B
Text
Executable file
7 lines
No EOL
592 B
Text
Executable file
source: http://www.securityfocus.com/bid/6465/info
|
|
|
|
A denial of service vulnerability has been reported for the modules.php script used by PHP-Nuke. The vulnerability occurs because the modules.php script does not properly validate some URI parameters.
|
|
|
|
An attacker can exploit this vulnerability by modifying certain parameters when making a request for the modules.php script. This will prevent visitors to the site hosting PHP-Nuke from creating a new account thereby leading to a denial of service vulnerability.
|
|
|
|
http://target.com/modules.php?name=Your_Account&op=userinfo&uname= |