PHP-Nuke 6.5 Addon Viewpage.PHP File Disclosure Vulnerability

2003-03-25T00:00:00
ID EDB-ID:22422
Type exploitdb
Reporter Zero-X www.lobnan.de Team
Modified 2003-03-25T00:00:00

Description

PHP-Nuke 6.5 Addon Viewpage.PHP File Disclosure Vulnerability. CVE-2003-1545. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/7191/info

PHP-Nuke has been reported prone to a file disclosure vulnerability when using the viewpage.php addon.

It has been reported that PHP-Nuke may disclose arbitrary web server readable files under certain circumstances.

It should be noted that this issue reportedly affects PHP-Nuke version 6.5 when running a specific configuration, however other versions may also be affected.

http://www.example.com/viewpage.php?file=/etc/passwd