Vulnerabilities > CVE-2004-1830 - Multiple vulnerability in Francisco Burzi PHP-Nuke 6.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
francisco-burzi
exploit available

Summary

error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote attackers to obtain sensitive information via an invalid (1) language, (2) newlang, or (3) lang parameter, which leaks the pathname in a PHP error message.

Vulnerable Configurations

Part Description Count
Application
Francisco_Burzi
1

Exploit-Db

descriptionPHP-Nuke Error Manager Module 2.1 error.php language Variable Path Disclosure. CVE-2004-1830 . Webapps exploit for php platform
idEDB-ID:23844
last seen2016-02-02
modified2004-03-18
published2004-03-18
reporterJanek Vind
sourcehttps://www.exploit-db.com/download/23844/
titlePHP-Nuke Error Manager Module 2.1 error.php language Variable Path Disclosure