Home page logo

bugtraq logo Bugtraq mailing list archives

Re: PHPNuke viewpage.php allows Remote File retrieving
From: DaiTengu <daitengu () war-ensemble com>
Date: Tue, 25 Mar 2003 11:59:26 -0600

Zero_X www.lobnan.de Team wrote:

viewpage.php is a part of PHPNuke.
The Script allows an attacker to view all files on the System.



umm, what version of phpNuke is vulnerable to this? as far as I'm aware, there has not been any viewpage.php since before 5.0...

I beleive this was reported then as well.

reguardless, this is not true with 6.0

Mike "DaiTengu" Miller
UA Site Coordinator: http://www.unitedadmins.com
Webmaster:           http://war-ensemble.com
Sysop:               telnet://bbs.war-ensemble.com
StatsMe Team:        http://www.unitedadmins.com/StatsMe.php

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]