PHPNuke Remote File Copy Vulnerability

info
discussion
exploit
solution
references

PHPNuke Remote File Copy Vulnerability

PHP Nuke is a website creation/maintenance tool written in PHP3.

PHP Nuke contains a vulnerability in 'admin.php' that may allow for remote attackers to overwrite files with custom data on target webservers.

May allow for an attacker to gain access to the host, cause denial of service or deface the target website.

PostNuke, a derivative of PHP Nuke, is also vulnerable.