[24805] in bugtraq

home help back first fref pref prev next nref lref last post

RE: PHPNuke 5.4 Path Disclosure Vulnerability?

daemon@ATHENA.MIT.EDU (Martens, Thierry)
Fri Mar 22 20:43:29 2002

Message-ID: <DDF7A8B362BDD51194740002A508D5F32AC16B@BECWEBRUM001>
From: "Martens, Thierry" <Thierry.Martens@cwe.cwplc.com>
To: "'godminus'" <godminus@owns.com>, bugtraq@securityfocus.org
Date: Fri, 22 Mar 2002 10:32:52 +0100
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"

I am using phpnuke 5.5 and I don't get any simular error ...

Thierry Martens
Network & System Engineer
Cable & Wireless
http://www.cw.com


-----Original Message-----
From: godminus [mailto:godminus@owns.com]
Sent: woensdag 20 maart 2002 16:20
To: bugtraq@securityfocus.org
Subject: Fw: PHPNuke 5.4 Path Disclosure Vulnerability?




The vendor was contacted on the 9th of March, 2002, and did not reply

-- godminus

> Hello,
>
> I believe I`ve found (if no one else have reported already) a path
> disclosure vulnerability in PHPNuke version 5.4 (maybe 5.5 too? I didn't
> test it againt version 5.5)
>
> Example:
>
> http://www.site.com/index.php?file=index.php
>
> The error would be something like:
>
> Fatal error: Cannot redeclare theindex() in
> /var/www_servers/w00/w308vs1701/docs/csleague.israel.net/index.php on line
> 7
>
> peace
> godminus
>
>
>
home help back first fref pref prev next nref lref last post