Vulnerabilities > CVE-2002-2015 - Unspecified vulnerability in Postnuke Software Foundation Postnuke 0.703

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

postnuke-software-foundation

exploit available

NVD

Published: 2002-12-31

Updated: 2008-09-05

Summary

PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter.

Vulnerable Configurations

Part	Description	Count
Application	Postnuke_Software_Foundation Postnuke Software Foundation Postnuke 0.703	1

Exploit-Db

description	PostNuke 0.703 caselist Arbitrary Module Include Vulnerability. CVE-2002-2015. Webapps exploit for php platform
id	EDB-ID:21357
last seen	2016-02-02
modified	2002-03-28
published	2002-03-28
reporter	pokleyzz sakamaniaka
source	https://www.exploit-db.com/download/21357/
title	PostNuke 0.703 caselist Arbitrary Module Include Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References