← CVECheck
HomeVulnerabilities

CVE-2001-1025 — HIGH severity vulnerability (PHP-Nuke 5.x allows remote attackers to perform arbitrary SQ)

PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.

CVE IDCVE-2001-1025
SeverityHIGH
CVSS score10.0
CVSS vectorAV:N/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2001-08-31
Last modified2026-04-16
DescriptionPHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including mainfile.php), such as article.php.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →