CVE-2005-1697

The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive information via a direct request to simple_smarty.php, which reveals the path in an error message.
References
Link Resource
http://marc.info/?l=bugtraq&m=111670482500552&w=2 Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:postnuke:postnuke:0.750:*:*:*:*:*:*:*
cpe:2.3:a:postnuke:postnuke:0.760:rc2:*:*:*:*:*:*
cpe:2.3:a:postnuke:postnuke:0.760:rc3:*:*:*:*:*:*

History

28 Dec 2023, 19:27

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-425
First Time Postnuke postnuke
Postnuke
CPE cpe:2.3:a:postnuke_software_foundation:postnuke:0.760_rc3:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.760_rc2:*:*:*:*:*:*:*
cpe:2.3:a:postnuke_software_foundation:postnuke:0.750:*:*:*:*:*:*:*
cpe:2.3:a:postnuke:postnuke:0.760:rc2:*:*:*:*:*:*
cpe:2.3:a:postnuke:postnuke:0.760:rc3:*:*:*:*:*:*
cpe:2.3:a:postnuke:postnuke:0.750:*:*:*:*:*:*:*
References (BUGTRAQ) http://marc.info/?l=bugtraq&m=111670482500552&w=2 - (BUGTRAQ) http://marc.info/?l=bugtraq&m=111670482500552&w=2 - Third Party Advisory

Information

Published : 2005-05-24 04:00

Updated : 2024-02-28 10:42


NVD link : CVE-2005-1697

Mitre link : CVE-2005-1697

CVE.ORG link : CVE-2005-1697


JSON object : View

Products Affected

postnuke

  • postnuke
CWE
CWE-425

Direct Request ('Forced Browsing')