CVE-2007-1520 - Vulnerability Details - OpenCVE

The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote attackers to conduct CSRF attacks.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Phpnuke	Php-nuke

Configuration 1 [-]

OR	cpe:2.3:a:phpnuke:php-nuke::::::::
	cpe:2.3:a:phpnuke:php-nuke:5.6:::::::*
	cpe:2.3:a:phpnuke:php-nuke:6.5:::::::*
	cpe:2.3:a:phpnuke:php-nuke:7.0:::::::*
	cpe:2.3:a:phpnuke:php-nuke:7.1:::::::*
	cpe:2.3:a:phpnuke:php-nuke:7.2:::::::*
	cpe:2.3:a:phpnuke:php-nuke:7.3:::::::*
	cpe:2.3:a:phpnuke:php-nuke:7.4:::::::*
	cpe:2.3:a:phpnuke:php-nuke:7.5:::::::*
	cpe:2.3:a:phpnuke:php-nuke:7.6:::::::*
	cpe:2.3:a:phpnuke:php-nuke:7.7:::::::*
	cpe:2.3:a:phpnuke:php-nuke:7.8:::::::*
	cpe:2.3:a:phpnuke:php-nuke:7.9:::::::*

No data.

References

Link	Providers
http://osvdb.org/34501
http://phpfi.com/214668
http://secunia.com/advisories/24629
http://www.securityfocus.com/archive/1/462308/100/100/threaded
http://www.securityfocus.com/archive/1/462575/100/0/threaded
http://www.securityfocus.com/archive/1/462727/100/0/threaded
http://www.ush.it/2007/03/09/php-nuke-wild-post-xss/
http://www.wisec.it/ush/phpnukexss.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-20T20:00:00

Updated: 2024-08-07T12:59:08.380Z

Reserved: 2007-03-20T00:00:00

Link: CVE-2007-1520

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-03-20T20:19:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-1520

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-09T00:00:00", "descriptions": [{"lang": "en", "value": "The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote attackers to conduct CSRF attacks."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "34501", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/34501"}, {"tags": ["x_refsource_MISC"], "url": "http://phpfi.com/214668"}, {"tags": ["x_refsource_MISC"], "url": "http://www.wisec.it/ush/phpnukexss.html"}, {"name": "20070313 Re: Php Nuke POST XSS on steroids", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/462727/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ush.it/2007/03/09/php-nuke-wild-post-xss/"}, {"name": "24629", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24629"}, {"name": "20070309 Php Nuke POST XSS on steroids", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/462308/100/100/threaded"}, {"name": "20070311 Re: Php Nuke POST XSS on steroids", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/462575/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1520", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote attackers to conduct CSRF attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "34501", "refsource": "OSVDB", "url": "http://osvdb.org/34501"}, {"name": "http://phpfi.com/214668", "refsource": "MISC", "url": "http://phpfi.com/214668"}, {"name": "http://www.wisec.it/ush/phpnukexss.html", "refsource": "MISC", "url": "http://www.wisec.it/ush/phpnukexss.html"}, {"name": "20070313 Re: Php Nuke POST XSS on steroids", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/462727/100/0/threaded"}, {"name": "http://www.ush.it/2007/03/09/php-nuke-wild-post-xss/", "refsource": "MISC", "url": "http://www.ush.it/2007/03/09/php-nuke-wild-post-xss/"}, {"name": "24629", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24629"}, {"name": "20070309 Php Nuke POST XSS on steroids", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/462308/100/100/threaded"}, {"name": "20070311 Re: Php Nuke POST XSS on steroids", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/462575/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:59:08.380Z"}, "title": "CVE Program Container", "references": [{"name": "34501", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/34501"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://phpfi.com/214668"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.wisec.it/ush/phpnukexss.html"}, {"name": "20070313 Re: Php Nuke POST XSS on steroids", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/462727/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.ush.it/2007/03/09/php-nuke-wild-post-xss/"}, {"name": "24629", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24629"}, {"name": "20070309 Php Nuke POST XSS on steroids", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/462308/100/100/threaded"}, {"name": "20070311 Re: Php Nuke POST XSS on steroids", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/462575/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1520", "datePublished": "2007-03-20T20:00:00", "dateReserved": "2007-03-20T00:00:00", "dateUpdated": "2024-08-07T12:59:08.380Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:phpnuke:php-nuke:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2A43B27-19D2-4118-B80E-8E225C34BFB1", "versionEndIncluding": "8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "F42BD4C3-71D7-48E2-B3A4-7B1975982D5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "EDEA81E1-E9E9-45F6-8C61-D496888451E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "D5E8572B-43BE-4068-929F-2B6FAA9EF959", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8882C59-6721-4925-8EB6-1C54455BD03B", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "8C6F6110-F77B-42CE-BAD0-0AEAFC04E982", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "017A5AD3-CD1C-41E0-B53D-3881C31F7463", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "68BA9153-537A-4CC5-A3E8-DE4FCF49EB52", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "C7481433-4DFA-4D32-BA93-FBEAC37D8D67", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "85535C0D-C858-4AF8-8350-EFBF74609CBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "7CC4F979-7F10-4F0D-96AD-5EE88E437897", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.8:*:*:*:*:*:*:*", "matchCriteriaId": "3A3B4A35-6019-468E-89FA-BC2EEADB7D31", "vulnerable": true}, {"criteria": "cpe:2.3:a:phpnuke:php-nuke:7.9:*:*:*:*:*:*:*", "matchCriteriaId": "575CFD4C-90CB-4D38-94F9-3D7915B2F054", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote attackers to conduct CSRF attacks."}, {"lang": "es", "value": "La protecci\u00f3n de cross-site request forgery (CSRF) en PHP-Nuke versi\u00f3n 8.0 y anteriores, no garantiza que la superglobal SERVER sea una matriz antes de validar la HTTP_REFERER, que permite a los atacantes remotos realizar ataques CSRF."}], "id": "CVE-2007-1520", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-03-20T20:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/34501"}, {"source": "cve@mitre.org", "tags": ["Exploit", "URL Repurposed"], "url": "http://phpfi.com/214668"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/24629"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/462308/100/100/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/462575/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/462727/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.ush.it/2007/03/09/php-nuke-wild-post-xss/"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.wisec.it/ush/phpnukexss.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/34501"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "URL Repurposed"], "url": "http://phpfi.com/214668"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/24629"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/462308/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/462575/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/462727/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.ush.it/2007/03/09/php-nuke-wild-post-xss/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.wisec.it/ush/phpnukexss.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}