index.php for PHP-Nuke 5.4 and previous versions allows remote malicious users to determine the physical pathname of the web server when the file parameter is set to index.php, which triggers an error message that leaks the pathname.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
francisco burzi php-nuke 5.0 |
||
francisco burzi php-nuke 5.0.1 |
||
francisco burzi php-nuke 5.1 |
||
francisco burzi php-nuke 5.2 |
||
francisco burzi php-nuke 5.3.1 |
||
francisco burzi php-nuke 5.2a |
||
francisco burzi php-nuke 5.4 |