header-logo
Suggest Exploit
vendor:
AvantGo Module
by:
SecurityFocus
4.3
CVSS
MEDIUM
Path Disclosure
200
CWE
Product Name: AvantGo Module
Affected Version From: PHPNuke 5.5
Affected Version To: PHPNuke 6.0
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

AvantGo Module for PHPNuke Path Disclosure Vulnerability

The AvantGo module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker may use the information gathered in this manner to mount further attacks against the host.

Mitigation:

Ensure that the AvantGo module is up to date and that all security patches are applied.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7078/info

The AvantGo module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker.

An attacker may use the information gathered in this manner to mount further attacks against the host.

This vulnerability was reported to affect the AvantGo module shipped with PHPNuke version 5.5 and 6.0 it has been suggested that other versions may also be affected.

http://www.example.com/modules.php?name=AvantGo&file=print&sid=
http://www.example.com/modules.php?name=AvantGo&file=print&sid=[Any_Text]

Navigation

Suggest Exploit

Services By CQR