error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote malicious users to obtain sensitive information via an invalid (1) language, (2) newlang, or (3) lang parameter, which leaks the pathname in a PHP error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
francisco burzi php-nuke 6.0 |