CVE-2003-1526

2007-10-2519:00:00

mitre

www.cve.org

php-nuke

remote attackers

installation path

search field

error message

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

65.4%

JSON

PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message.

References

www.securityfocus.com/archive/1/341743

www.securityfocus.com/bid/8848