https://www.exploit-db.com/exploits/24166
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200406-037

PHP-Nuke是一个广为流行的网站创建和管理工具，它可以使用很多数据库软件作为后端，比如MySQL、PostgreSQL、mSQL、Interbase、Sybase等。PHP-Nuke对文件脚本直接访问缺少正确限制，远程攻击者可以利用这个漏洞获得敏感信息。由于对重要脚本没有进行任何限制，攻击者可以直接访问一些如’admin.php’脚本的敏感文件，获得敏感信息。

source: http://www.securityfocus.com/bid/10447/info

PHP-Nuke is affected by a direct script access security vulnerability. This issue is due to a failure to properly validate the location and name of the file being accessed.

This issue will allow an attacker to gain access to sensitive scripts such as the 'admin.php' script. The attacker may be able to exploit this unauthorized access to carry out attacks against the affected application.

http://www.example.com/admin/case/case.adminfaq.php/admin.php?op=FaqCatGo
http://www.example.com/admin/admin.php/index.php
http://www.example.com/admin/modules/blocks.php/admin.php

来源:XF
名称:nukecops-ergei-path-disclosure(16298)
链接:http://xforce.iss.net/xforce/xfdb/16298
来源:XF
名称:oscnukelite-eregi-path-disclosure(16297)
链接:http://xforce.iss.net/xforce/xfdb/16297
来源:XF
名称:osc2nuke-eregi-path-disclosure(16296)
链接:http://xforce.iss.net/xforce/xfdb/16296
来源:XF
名称:phpnuke-eregi-path-disclosure(16294)
链接:http://xforce.iss.net/xforce/xfdb/16294
来源:BID
名称:10447
链接:http://www.securityfocus.com/bid/10447
来源:OSVDB
名称:6593
链接:http://www.osvdb.org/6593
来源:SECUNIA
名称:11766
链接:http://secunia.com/advisories/11766
来源:BUGTRAQ
名称:20040606Re:[Squid2004-Nuke-001]InadequateSecurityCheckinginPHPNuke
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=108662955105757&w;=2
来源:BUGTRAQ
名称:20040601[Squid2004-Nuke-001]InadequateSecurityCheckinginPHPNuke
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=108611643614881&w;=2
来源:BUGTRAQ
名称:20040601[Squid2004-betaNC-001]InadequateSecurityCheckinginNukeCops
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=108611606320559&w;=2
来源:BUGTRAQ
名称:20040601[Squid2004-OSC2Nu