PHP-Nuke admin_mass_email.php phpEx Variable Path Disclosure

2005-05-02T05:36:42
ID OSVDB:16250
Type osvdb
Reporter Silentium (anacrongroupitaly@autistici.org)
Modified 2005-05-02T05:36:42

Description

Vulnerability Description

PHP-Nuke contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker provides invalid input to the 'phpEx' variable of the admin_mass_email.php script, which discloses the full installation path, resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

http://[victim]/modules/Forums/admin/admin_mass_email.php?phpEx=silentium

References:

Vendor URL: http://www.phpnuke.org/
Secunia Advisory ID: 15244
Related OSVDB ID: 16244
Related OSVDB ID: 16249
Related OSVDB ID: 16245
Related OSVDB ID: 16246
Related OSVDB ID: 16247
Related OSVDB ID: 16248
Related OSVDB ID: 16251
Related OSVDB ID: 16252
Other Advisory URL: http://www.autistici.org/anacron-group-italy/file/txt/sile002adv.txt