CVE-2004-0736 — Burzi Php-nuke vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.0%

top 93.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Francisco Burzi Php-nuke

Timeline

PublishedJul 27

Latest updateApr 29

Description

The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDfrancisco_burzi/php-nuke8.0_final

🔴Vulnerability Details

GHSA

GHSA-692f-vx63-5hrp: The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the pat↗2022-04-29

▶

CVEList

CVE-2004-0736: The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the pat↗2004-07-23

▶