ID OSVDB:15409
Type osvdb
Reporter Maksymilian Arciemowicz(cxib@securityreason.com)
Modified 2005-04-06T18:46:48
Description
Manual Testing Notes
http://[victim]/[DIR]/modules.php?name=Web_Links&l_op=search&query=Hihihi&show=cXIb8O3
References:
Vendor URL: http://phpnuke.org/
Other Advisory URL: http://securityreason.com/adv/[phpnuke%207.6%20Multiple%20vulnerabilities%20in%20Web_Links%20Module%20cXIb8O3.14].asc
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0105.html
Keyword: cXIb8O3.14
CVE-2005-0998
{"enchantments": {"score": {"value": 5.7, "vector": "NONE", "modified": "2017-04-28T13:20:11", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-0998"]}], "modified": "2017-04-28T13:20:11", "rev": 2}, "vulnersScore": 5.7}, "bulletinFamily": "software", "affectedSoftware": [], "references": [], "href": "https://vulners.com/osvdb/OSVDB:15409", "id": "OSVDB:15409", "title": "PHP-Nuke Web_Links show Variable Path Disclosure", "type": "osvdb", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "lastseen": "2017-04-28T13:20:11", "edition": 1, "reporter": "Maksymilian Arciemowicz(cxib@securityreason.com)", "description": "## Manual Testing Notes\nhttp://[victim]/[DIR]/modules.php?name=Web_Links&l_op=search&query=Hihihi&show=cXIb8O3\n## References:\nVendor URL: http://phpnuke.org/\nOther Advisory URL: http://securityreason.com/adv/[phpnuke%207.6%20Multiple%20vulnerabilities%20in%20Web_Links%20Module%20cXIb8O3.14].asc\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0105.html\nKeyword: cXIb8O3.14\n[CVE-2005-0998](https://vulners.com/cve/CVE-2005-0998)\n", "modified": "2005-04-06T18:46:48", "viewCount": 0, "published": "2005-04-06T18:46:48", "cvelist": ["CVE-2005-0998"]}
{"cve": [{"lastseen": "2021-02-02T05:24:35", "description": "The Web_Links module for PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via an invalid show parameter, which triggers a division by zero PHP error that leaks the full pathname of the server.", "edition": 4, "cvss3": {}, "published": "2005-05-02T04:00:00", "title": "CVE-2005-0998", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0998"], "modified": "2016-10-18T03:16:00", "cpe": ["cpe:/a:francisco_burzi:php-nuke:7.6"], "id": "CVE-2005-0998", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0998", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:francisco_burzi:php-nuke:7.6:*:*:*:*:*:*:*"]}]}