PHP-Nuke Error Manager Module 2.1 - 'error.php?language' Full Path Disclosure
| EKU-ID: 29269 | CVE: CVE-2004-1830;OSVDB-4386 | OSVDB-ID: |
| Author: Janek Vind | Published: 2004-03-18 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 29269 | CVE: CVE-2004-1830;OSVDB-4386 | OSVDB-ID: |
| Author: Janek Vind | Published: 2004-03-18 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/9911/info It has been reported that Error Manager is prone to multiple vulnerabilities. These issues are due to failure to validate user input, failure to handle exceptional conditions and simple design errors. These issues may be leveraged to carry out cross-site scripting attacks, reveal information about the application configuration and initiate HTML injection attacks against the affected system. http://www.example.com/nuke71/error.php?newlang=foobar