mailing list archives
Re: PHPNuke viewpage.php allows Remote File retrieving
From: Christopher Warner <zanee () kernelcode com>
Date: 25 Mar 2003 21:11:44 -0500
If you could follow up on this and give more details (versions affected)
etc etc; as it stands I'm gonna confirm that viewpage.php hasn't existed
for quite some time and that this is a pretty pointless advisory.
On Tue, 2003-03-25 at 14:28, Jim Geovedi wrote:
On Tue, 25 Mar 2003 11:59:26 -0600 DaiTengu wrote:
viewpage.php is a part of PHPNuke.
The Script allows an attacker to view all files on the System.
umm, what version of phpNuke is vulnerable to this? as far as I'm
aware, there has not been any viewpage.php since before 5.0...
I beleive this was reported then as well.
reguardless, this is not true with 6.0
it's repeatable on PHP-Nuke 6.5.
Description: This is a digitally signed message part