Sensitive Information Disclosure in MS Analysis Module 2.0 for PHP-Nuke

Sensitive Information Disclosure in MS Analysis Module 2.0 for PHP-Nuke

CVE-2004-1839 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in a PHP error message.

Learn more about our Web Application Penetration Testing UK.