PT-2011-3161 · Php Nuke · Php-Nuke

Published: 2011-06-21 · Updated: 2018-08-13 · CVE-2011-1482

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: PHP-Nuke versions 8.0 and earlier

Description: The issue allows remote attackers to hijack the authentication of administrators for requests, including adding user accounts or granting administrative privileges to a user account. This is related to a Referer check that uses a substring comparison in the mainfile.php file.

Recommendations: For PHP-Nuke versions 8.0 and earlier, consider disabling the functionality related to adding user accounts and granting administrative privileges until a proper fix is applied, to minimize the risk of exploitation. Restrict access to the mainfile.php file to prevent unauthorized requests.
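
The Referer weakness described above, as an added example that is not PHP-Nuke's own code: a substring comparison beside an exact host comparison and a per-session token check. The function names, the host `nuke.example` and the sample Referer values are constructed for illustration, and PHP 7.1 or later is assumed.

```php
<?php
// Added illustration, not PHP-Nuke source. All names and hosts are hypothetical.

// Weak pattern: accepts any Referer that merely contains the site's host string.
function referer_ok_substring(string $referer, string $siteHost): bool
{
    return $referer !== '' && stripos($referer, $siteHost) !== false;
}

// Stricter pattern: parse the URL and require an exact host match.
function referer_ok_exact(string $referer, string $siteHost): bool
{
    $parts = parse_url($referer);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false; // empty, relative or malformed Referer
    }
    return strtolower($parts['host']) === strtolower($siteHost);
}

// Preferred control: a per-session random token, independent of the Referer.
function csrf_token(array &$session): string
{
    if (empty($session['csrf'])) {
        $session['csrf'] = bin2hex(random_bytes(32));
    }
    return $session['csrf'];
}

// Constant-time comparison of the submitted token against the session copy.
function csrf_token_valid(array $session, ?string $submitted): bool
{
    return isset($session['csrf']) && is_string($submitted)
        && hash_equals($session['csrf'], $submitted);
}

// Constructed sample Referer values (reserved example/test domains).
$site = 'nuke.example';
$samples = [
    'https://nuke.example/admin.php',            // same site
    'https://nuke.example.other.test/page.html', // host only contains the name
    'https://other.test/?from=nuke.example',     // name appears in the query
    '',                                          // header absent
];
foreach ($samples as $r) {
    printf("%-44s substring=%-5s exact=%s\n", $r === '' ? '(empty)' : $r,
        var_export(referer_ok_substring($r, $site), true),
        var_export(referer_ok_exact($r, $site), true));
}
$session = [];
$token = csrf_token($session);
var_dump(csrf_token_valid($session, $token), csrf_token_valid($session, 'guess'));
```

Only the first sample passes the exact comparison, while the substring comparison also accepts the second and third; the token check does not depend on the Referer header at all.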

Exploit

Fix

CSRF


Weakness Enumeration

Related Identifiers

CVE-2011-1482

Affected Products

Php-Nuke