CVE-2007-0385
3 documents3 sources
Severity
7.8HIGH
EPSS
0.5%
top 33.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 19
Latest updateMay 1
Description
The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full path) via "unvalidated output" in FAQ/index.php, possibly involving an undefined id_cat variable.
CVSS vector
AV:N/AC:L/C:C/I:N/A:NExploitability: 10.0 | Impact: 6.9