Unrated severityNVD Advisory· Published Jun 21, 2011· Updated Apr 29, 2026
CVE-2011-1482
CVE-2011-1482
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in mainfile.php in Francisco Burzi PHP-Nuke 8.0 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts or (2) grant the administrative privilege to a user account, related to a Referer check that uses a substring comparison.
Affected products
26cpe:2.3:a:phpnuke:php-nuke:*:*:*:*:*:*:*:*+ 25 more
- cpe:2.3:a:phpnuke:php-nuke:*:*:*:*:*:*:*:*range: <=8.0
- cpe:2.3:a:phpnuke:php-nuke:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:5.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:5.6:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:6.6:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:6.7:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:6.8:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:6.9:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:7.3:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:7.4:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:7.6:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:7.7:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:7.8:*:*:*:*:*:*:*
- cpe:2.3:a:phpnuke:php-nuke:7.9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.