PostNuke 0.72x Stats Module Path Disclosure Vulnerability

2014-07-01T00:00:00
ID SSV:76240
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/7218/info

Multiple path disclosure vulnerabilities have been reported in various PHP scripts used by PHP-Nuke. The issue occurs when an invalid URI parameter is passed to certain scripts. The affected scripts do not provide sufficient error handling for this circumstance and as such, may display an error page containing sensitive information path information. 

http://www.target.com/modules.php?op=modload&name=Stats&file=