10 lines
No EOL
617 B
Text
10 lines
No EOL
617 B
Text
source: http://www.securityfocus.com/bid/7079/info
|
|
|
|
The News module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker.
|
|
|
|
An attacker may use the information gathered in this manner to mount further attacks against the host.
|
|
|
|
This vulnerability was reported to affect the News module shipped with PHPNuke version 5.5 and 6.0 it has been suggested that other versions may also be affected.
|
|
|
|
http://www.example.com/modules.php?name=News&file=print&sid=
|
|
http://www.example.com/modules.php?name=News&file=print&sid=[Any_Text] |