PHP-Nuke Software Detection

high Nessus Network Monitor Plugin ID 1591

Synopsis

The remote host is running a copy of PHP-Nuke.

Description

The remote host is running a copy of PHP-Nuke. Given the history of this package, we recommend that you do not use it, as security was not important to the authors of the software. The author of PHP-Nuke (Francisco Burzi) even started to rewrite the program from scratch, given the huge number of vulnerabilities.

Solution

Do not use this software.

See Also

http://www.phpnuke.org/modules.php?name=News&file=article&sid=5640

Plugin Details

Severity: High

ID: 1591

Family: Web Servers

Published: 8/20/2004

Updated: 3/6/2019

Nessus ID: 11236

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:francisco_burzi:php-nuke

Reference Information

CVE: CVE-2000-0745, CVE-2001-0001, CVE-2001-0292, CVE-2001-0320, CVE-2001-0321, CVE-2001-0383, CVE-2001-0854, CVE-2001-0899, CVE-2001-0900, CVE-2001-0911, CVE-2001-1025, CVE-2001-1032, CVE-2001-1521, CVE-2001-1524, CVE-2002-0206, CVE-2002-0483, CVE-2002-1242, CVE-2002-1803, CVE-2002-2032, CVE-2003-1400, CVE-2003-1435, CVE-2005-0433, CVE-2005-0434

BID: 12561, 6446, 6465, 6503, 6750, 6887, 6890, 7031, 7060, 7078, 7079, 1592, 2422, 2424, 2431, 2544, 3106, 3107, 3114, 3149, 3361, 3510, 3567, 3609, 3889, 3906, 4302, 4333, 5476, 5788, 5796, 5799, 5953, 6088, 6244, 6399, 6400, 6406, 6409, 3554