← CVECheck
HomeVulnerabilities

CVE-2001-0854 — MEDIUM severity vulnerability (PHP-Nuke 5.2 allows remote attackers to copy and delete arbi)

PHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user.

CVE IDCVE-2001-0854
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:N/I:P/A:N
CWENVD-CWE-Other
StatusModified
Published2001-12-06
Last modified2026-04-16
DescriptionPHP-Nuke 5.2 allows remote attackers to copy and delete arbitrary files by calling case.filemanager.php with admin.php as an argument, which sets the $PHP_SELF variable and makes it appear that case.filemanager.php is being called by admin.php instead of the user.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →