Sensitive Information Disclosure in Event Calendar Module 2.13 for PHP-Nuke
CVE-2004-1528 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to (1) config.php, (2) index.php, or (3) submit.php, which reveal the full path in an error message.
Learn more about our Web Application Penetration Testing UK.