VULHUB ™

PHP-Nuke 7.4 has a cross site scripting flaw that allows an attacker the ability to delete any admin account. It is an old bug that has a patch that can be bypassed if the data is sent via a POST instead of a GET.

PHP-Nuke 7.4 has a cross site scripting flaw that allows an attacker the ability to delete any admin account. It is an old bug that has a patch that can be bypassed if the data is sent via a POST instead of a GET.