This is a summary of the AI-generated 10-question deep analysis.
Q1. What is this vulnerability? (Essence + Consequences)
**Essence**: SQL injection in `index.php` via HTTP Referers. **Consequences**: Attackers can execute arbitrary SQL commands, compromising data integrity and confidentiality.
Q2. Root Cause? (CWE/Flaw)
**Root Cause**: Improper validation of the HTTP `Referer` header. When the "HTTP Referers" block is active, the header value is placed directly into SQL queries without sanitization.
Q3. Who is affected? (Versions/Components)
**Affected**: PHP-Nuke 8.0 Final and earlier versions. **Component**: Specifically the `index.php` file handling HTTP Referer headers.
Q4. What can hackers do? (Privileges/Data)
**Capabilities**: Remote attackers can execute arbitrary SQL instructions. **Impact**: Potential access to database contents, modification of data, or full system compromise depending on DB privileges.
Q5. Is exploitation threshold high? (Auth/Config)
**Threshold**: LOW. **Auth**: No authentication required (Remote). **Config**: Requires "HTTP Referers" block to be active, but this is a common default setting.
Q6. Is there a public Exp? (PoC/Wild Exploitation)
**Exploit**: YES. Public exploits exist on Exploit-DB (ID: 3346) and mailing lists. **Status**: Wild exploitation is possible for <=8.0 Final.
Q7. How to self-check? (Features/Scanning)
**Check**: Scan for PHP-Nuke instances. **Test**: Send crafted HTTP Referer headers to `index.php` and observe error messages or blind SQL injection responses.
**Workaround**: Disable the "HTTP Referers" block feature in PHP-Nuke configuration if upgrading is not immediately possible. **Mitigation**: Input validation on Referer headers.
Q10. Is it urgent? (Priority Suggestion)
**Priority**: HIGH for legacy systems. **Urgency**: Critical for any remaining PHP-Nuke 8.0 installations. Immediate patching or isolation recommended.
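
An added example (not part of the original analysis and not PHP-Nuke code): a Python sketch of the Referer allow-list validation named under the mitigation, applied to web-server access logs as a passive self-check. The Combined Log Format, the heuristic marker list, the treatment of `/` as `index.php`, and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Combined Log Format (assumed): ip - user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" \d{3} \S+ '
    r'"(?P<referer>(?:[^"\\]|\\.)*)" "(?:[^"\\]|\\.)*"$')
# Heuristic markers (assumed list): characters and tokens with no place in a Referer URL.
META = re.compile(r"""['"`;\\]|--|/\*|\bunion\b.+\bselect\b""", re.I)

def referer_is_safe(referer: str) -> bool:
    """Allow-list check: absent, or a plain http(s) URL free of SQL metacharacters."""
    if referer in ("", "-"):
        return True
    # Check both the raw header and its percent-decoded form.
    if len(referer) > 2048 or META.search(referer) or META.search(unquote(referer)):
        return False
    try:
        parts = urlsplit(referer)
        return parts.scheme in ("http", "https") and bool(parts.hostname)
    except ValueError:  # e.g. malformed IPv6 literal in the host part
        return False

def suspicious_requests(lines):
    """Return (ip, path, referer) for index.php requests whose Referer fails the check."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # not a Combined Log Format line
        path = urlsplit(m["path"]).path
        # Assumption: "/" is served by index.php, the file the analysis names.
        if path == "/" or path.endswith("/index.php"):
            if not referer_is_safe(m["referer"]):
                hits.append((m["ip"], m["path"], m["referer"]))
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "http://example.org/news.html" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "http://example.org/a'b" "curl/8.0"
198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET / HTTP/1.1" 200 5120 "http://example.org/a%27b" "curl/8.0"
192.0.2.9 - - [01/Jan/2024:10:00:04 +0000] "GET /modules.php?name=News HTTP/1.1" 200 900 "not a url" "Mozilla/5.0"
192.0.2.9 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
""".splitlines()

if __name__ == "__main__":
    for ip, path, referer in suspicious_requests(SAMPLE_LOG):
        print(f"{ip} {path} referer={referer!r}")
```

The marker list is a triage heuristic and can flag benign URLs; the durable fix remains binding the header value as a query parameter instead of concatenating it into SQL.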