Unrated severityNVD Advisory· Published Sep 24, 2001· Updated Jun 16, 2026
CVE-2001-1032
CVE-2001-1032
Description
admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload operations, which allows remote attackers to copy and upload arbitrary files and read the PHP-Nuke configuration file by directly calling admin.php with an upload parameter and specifying the file to copy.
Affected products
2Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.