Vulnerabilities

CVE-2007-0385

by Fred · 19/01/2007

The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full path) via "unvalidated output" in FAQ/index.php, possibly involving an undefined id_cat variable.

Date published : 2007-01-19

http://noc.postnuke.com/plugins/scmsvn/viewcvs.php/trunk/Historic/PostNuke7x/html/modules/?root=postnuke

http://noc.postnuke.com/plugins/scmsvn/viewcvs.php/trunk/Historic/PostNuke7x/html/modules/FAQ/index.php?root=postnuke&r1=20350&r2=20911

Similar

Tags: Cybersecurity Alert