mailing list archives
Postnuke: path disclosure (0.7.2.3 and prior)
From: "rkc" <rkc () uncompiled com>
Date: Wed, 28 May 2003 04:15:20 -0000 (GMT)
What is PostNuke ?
PostNuke is a weblog/Content Management System (CMS).
It is far more secure and stable than competing products.
Home Page: http://www.postnuke.com
A vulnerability have been found in Postnuke (v0.7.2.3-Phoenix & prior)
which allow users to determine the physical path of this cms.
This vulnerability would allow a remote user to determine the full path to
the web root directory.
Fatal error: Call to a member function on a non-object in
/the/full/path/public_html/modules/Sections/index.php on line 238
StFU, and RtFM !
- Postnuke: path disclosure (0.7.2.3 and prior) rkc (May 29)