Phpnuke : Security Vulnerabilities, CVEs, (Directory traversal)
Directory traversal vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
Max CVSS
4.3
EPSS Score
0.43%
Published
2007-03-14
Updated
2018-10-16
Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote attackers to read arbitrary files via a full pathname in the file parameter. NOTE: This was originally reported as an issue in PHP-Nuke 6.5, but this is an independent addon.
Max CVSS
5.0
EPSS Score
4.77%
Published
2003-12-31
Updated
2018-10-19
2 vulnerabilities found