Vulnerabilities > CVE-2004-1998 - Information Disclosure vulnerability in PHP-Nuke
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 9 |