PHP-Nuke 6.0 - 'modules.php' Denial of Service

EDB-ID:

22110

CVE:

N/A




Platform:

PHP

Date:

2002-12-23


source: https://www.securityfocus.com/bid/6465/info

A denial of service vulnerability has been reported for the modules.php script used by PHP-Nuke. The vulnerability occurs because the modules.php script does not properly validate some URI parameters.

An attacker can exploit this vulnerability by modifying certain parameters when making a request for the modules.php script. This will prevent visitors to the site hosting PHP-Nuke from creating a new account thereby leading to a denial of service vulnerability. 

http://target.com/modules.php?name=Your_Account&op=userinfo&uname=