VULHUB ™

PHP-Nuke is a popular web based Portal system. It allows users to create accounts and contribute content to the site. PostNuke was originally forked from PHP-Nuke, and is a similar project. It is possible to hijack arbitrary user accounts under PHP-Nuke or PostNuke. A maliciously constructed cookie will allow an attacker to gain access to any account, including those with administrative privileges.

PHP-Nuke is a popular web based Portal system. It allows users to create accounts and contribute content to the site. PostNuke was originally forked from PHP-Nuke, and is a similar project. It is possible to hijack arbitrary user accounts under PHP-Nuke or PostNuke. A maliciously constructed cookie will allow an attacker to gain access to any account, including those with administrative privileges.