The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote malicious users to obtain sensitive information via a direct request to simple_smarty.php, which reveals the path in an error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
postnuke postnuke 0.750 |
||
postnuke postnuke 0.760 |