Sensitive Information Disclosure in Event Calendar Module 2.13 for PHP-Nuke

Sensitive Information Disclosure in Event Calendar Module 2.13 for PHP-Nuke

CVE-2004-1528 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to (1) config.php, (2) index.php, or (3) submit.php, which reveal the full path in an error message.

Learn more about our Web Application Penetration Testing UK.