CVE-2004-0736

Properties

Published:
26.07.2004
Updated:
20.10.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:L/Au:NR/C:C/I:N/A:N/B:N) Approximated
    Product:
    Francisco Burzi: PHP-Nuke

    Vulnerability description

    The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1)"**" or (2)"+" search patterns, which reveals the path in an error message.

    References:

    Bugtraq: http://marc.theaimsgroup.com/?l=bugtraq&m=109026609504767&w=2
    ISS X-Force: http://xforce.iss.net/xforce/xfdb/16736
    BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=109026609504767&w=2