PHP-Nuke 6.5 Addon - 'Viewpage.php' File Disclosure
| EKU-ID: 27902 | CVE: CVE-2003-1545;OSVDB-43006 | OSVDB-ID: |
| Author: Zero-X www.lobnan.de Team | Published: 2003-03-25 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27902 | CVE: CVE-2003-1545;OSVDB-43006 | OSVDB-ID: |
| Author: Zero-X www.lobnan.de Team | Published: 2003-03-25 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7191/info PHP-Nuke has been reported prone to a file disclosure vulnerability when using the viewpage.php addon. It has been reported that PHP-Nuke may disclose arbitrary web server readable files under certain circumstances. It should be noted that this issue reportedly affects PHP-Nuke version 6.5 when running a specific configuration, however other versions may also be affected. http://www.example.com/viewpage.php?file=/etc/passwd