[] NeoSense
E X P L O I T S
title author type platform port cve id

PostNuke 0.72x Members_List Module - Full Path Disclosure

Author: rkc
type: webapps
platform: php
port: 
date_added: 2003-03-28 
date_updated: 2012-11-03 
verified: 1 
codes: OSVDB-5522 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/7218/info

Multiple path disclosure vulnerabilities have been reported in various PHP scripts used by PHP-Nuke. The issue occurs when an invalid URI parameter is passed to certain scripts. The affected scripts do not provide sufficient error handling for this circumstance and as such, may display an error page containing sensitive information path information.

http://www.target.com/modules.php?op=modload&name=Members_List&file=index&letter=All&sortby=uname1234
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.