Sensitive Information Disclosure in PHP-Nuke Reviews Module
CVE-2004-2296 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The preview_review function in the Reviews module in PHP-Nuke 6.0 to 7.3, when running on Windows systems, allows remote attackers to obtain sensitive information via an invalid date parameter, which generates an error message.
Learn more about our Web Application Penetration Testing UK.