Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
index.php for PHP-Nuke 5.4 and earlier allows remote attackers to determine the physical pathname of the web server when the file parameter is set to index.php, which triggers an error message that leaks the pathname.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PHP-Nuke错误信息导致WEBROOT路径信息泄露漏洞
Vulnerability Description
PHP-Nuke是一款PHP语言编写流行的系统构建程序,允许用户建立帐户和组织网站内容。可以运行在Unix和Linux操作系统下,也可运行在Microsoft Windows操作系统下。 PHP-Nuke由于对部分错误WEB请求处理存在问题可导致绝对路径泄露。 攻击者可以对PHP-Nuke系统中的index.php脚本提交不正常的参数请求,可导致相关绝对路径泄露给攻击者。 攻击者可以通过这些信息,对目标系统进行进一步的攻击。
CVSS Information
N/A
Vulnerability Type
N/A