PHP-Nuke Web_Links show Variable Path Disclosure

2005-04-06T18:46:48
ID OSVDB:15409
Type osvdb
Reporter Maksymilian Arciemowicz(cxib@securityreason.com)
Modified 2005-04-06T18:46:48

Description

Manual Testing Notes

http://[victim]/[DIR]/modules.php?name=Web_Links&l_op=search&query=Hihihi&show=cXIb8O3

References:

Vendor URL: http://phpnuke.org/ Other Advisory URL: http://securityreason.com/adv/[phpnuke%207.6%20Multiple%20vulnerabilities%20in%20Web_Links%20Module%20cXIb8O3.14].asc Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-04/0105.html Keyword: cXIb8O3.14 CVE-2005-0998