Postnuke: path disclosure (0.7.2.3 and prior)

From: rkc (rkcat_private)
Date: Tue May 27 2003 - 21:15:20 PDT


    Intro.
    
    What is PostNuke ?
    PostNuke is a weblog/Content Management System (CMS).
    It is far more secure and stable than competing products.
    
    Home Page: http://www.postnuke.com
    
    &&
    
    A vulnerability has been found in PostNuke (v0.7.2.3-Phoenix & prior)
    which allows users to determine the physical path of this CMS.
    
    This vulnerability would allow a remote user to determine the full path to
    the web root directory.
    
    Example:
    
    http://www.[target-website].com/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=
    
    Error:
    
    Fatal error: Call to a member function on a non-object in
    /the/full/path/public_html/modules/Sections/index.php on line 238
    
    
    Cheers,
    
    rkc
    
    
    -- 
    Rep. Argentina
    6765656B207374796C65
    StFU, and RtFM !
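
An added example, not part of the original post: a check a site owner can run over captured response bodies from their own deployment to confirm that PHP errors like the one quoted above no longer expose an absolute path. The function names and the sample bodies are assumptions constructed for illustration; the error text is the one from the advisory.

```python
import re
from typing import List, NamedTuple

# PHP error output: "<level>: <message> in <file> on line <N>", with <b> tags
# around level, file and line number when html_errors is enabled.
_PHP_ERROR = re.compile(
    r"(?P<level>Fatal error|Parse error|Warning|Notice)(?:</b>)?:\s+"
    r"(?P<message>[^<\r\n]*?)\s+in\s+(?:<b>)?"
    r"(?P<path>(?:/|[A-Za-z]:[\\/])[^<\r\n]*?)(?:</b>)?"
    r"\s+on\s+line\s+(?:<b>)?(?P<line>\d+)"
)


class Leak(NamedTuple):
    level: str
    path: str
    line: int


def find_path_leaks(body: str) -> List[Leak]:
    """Return every PHP error in a response body that exposes an absolute path."""
    return [Leak(m["level"], m["path"], int(m["line"]))
            for m in _PHP_ERROR.finditer(body)]


def redact_paths(body: str) -> str:
    """Replace the disclosed path in each PHP error with a placeholder."""
    return _PHP_ERROR.sub(
        lambda m: m.group(0).replace(m["path"], "[path removed]"), body)


# Constructed samples: the error text quoted in the advisory (plain and
# html_errors form) and a page that mentions "Warning" without any path.
PLAIN = ("Fatal error: Call to a member function on a non-object in\n"
         "/the/full/path/public_html/modules/Sections/index.php on line 238")
HTML = ("<br />\n<b>Fatal error</b>:  Call to a member function on a "
        "non-object in <b>/the/full/path/public_html/modules/Sections/"
        "index.php</b> on line <b>238</b><br />")
CLEAN = "<p>Warning: this article is in draft and not on line yet.</p>"

if __name__ == "__main__":
    for name, body in (("plain", PLAIN), ("html", HTML), ("clean", CLEAN)):
        print(name, find_path_leaks(body))
    print(redact_paths(PLAIN))
```

Redaction in a response filter is a stopgap; setting PHP's `display_errors` off and `log_errors` on keeps the message out of the response while preserving it in the server log.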
    


