Directory traversal vulnerability in the pnModFunc function in pnMod.php for PostNuke 0.750 up to and including 0.760rc4 allows remote malicious users to read arbitrary files via a .. (dot dot) in the func parameter to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
postnuke software foundation postnuke 0.750 |
||
postnuke software foundation postnuke 0.760_rc4 |
||
postnuke software foundation postnuke 0.760_rc2 |
||
postnuke software foundation postnuke 0.760_rc3 |