PHP-Nuke 5.5/6.0 News Module – Full Path Disclosure

PHP-Nuke 5.5/6.0 News Module – Full Path Disclosure

漏洞ID 1053753 漏洞类型
发布时间 2003-03-12 更新时间 2003-03-12
图片[1]-PHP-Nuke 5.5/6.0 News Module – Full Path Disclosure-安全小百科CVE编号 N/A
图片[2]-PHP-Nuke 5.5/6.0 News Module – Full Path Disclosure-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22348
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/7079/info

The News module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker.

An attacker may use the information gathered in this manner to mount further attacks against the host.

This vulnerability was reported to affect the News module shipped with PHPNuke version 5.5 and 6.0 it has been suggested that other versions may also be affected.

http://www.example.com/modules.php?name=News&file=print&sid=
http://www.example.com/modules.php?name=News&file=print&sid=[Any_Text]

相关推荐: Web Server Creator Web Portal Remote File Include Vulnerability

Web Server Creator Web Portal Remote File Include Vulnerability 漏洞ID 1101224 漏洞类型 Input Validation Error 发布时间 2002-11-25 更新时间 2002…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享