PHP-Nuke User Registration Form Arbitrary File Disclosure

Vendor: PHP-Nuke
By: SecurityFocus
CVSS: 5 (MEDIUM)
CWE: 200
Product Name: PHP-Nuke
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

PHP-Nuke is a website creation/maintenance tool written in PHP3. A vulnerability exists in the User Registration Form which allows a malicious user to substitute arbitrary values for image form elements. This can be done by saving the webpage locally as 'user.php.html' and altering the information. The new values may be set in such a way as to disclose arbitrary web-readable files to the attacker.

Mitigation:

Upgrade to the latest version of PHP-Nuke.

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/3107/info

PHP-Nuke is a website creation/maintenance tool written in PHP3.

A malicious user may substitute arbitrary values for image form elements in the PHP-Nuke User Registration Form by saving the webpage locally (as 'user.php.html') and altering the information. The new values may be set in such a way as to disclose arbitrary web-readable files to the attacker.

http://www.target.com/../../../dir_on_server/anyfile.ext

The file is loaded when the attacker's user info is viewed.
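
The root cause described above is that the server trusts whatever value arrives for the image form element. The following is an added example of server-side validation, not code from PHP-Nuke or from the original advisory; the function name validate_avatar, the constant AVATAR_DIR and the directory layout are assumptions made for illustration.

```php
<?php
// Added example, not PHP-Nuke code. AVATAR_DIR and validate_avatar() are
// hypothetical names; adjust the directory to the real image location.
const AVATAR_DIR = __DIR__ . '/images/avatars';

/**
 * Return the submitted image name if it is one of the files the server
 * itself offers in $dir, otherwise null. The submitted value is checked
 * against the server's own files, so values edited into a locally saved
 * copy of the registration form are rejected.
 */
function validate_avatar(string $submitted, string $dir = AVATAR_DIR): ?string
{
    // Strict shape: a bare file name with one image extension. This excludes
    // path separators, "..", NUL bytes and percent-encoded sequences.
    if (!preg_match('/\A[A-Za-z0-9_-]+\.(gif|png|jpe?g)\z/i', $submitted)) {
        return null;
    }

    // Allowlist: the name must resolve to a regular file that sits directly
    // inside the image directory after symlinks are resolved.
    $base = realpath($dir);
    $full = realpath($dir . DIRECTORY_SEPARATOR . $submitted);
    if ($base === false || $full === false
        || !is_file($full) || dirname($full) !== $base) {
        return null;
    }

    return $submitted;
}

// Demonstration with constructed sample inputs (CLI only): one legitimate
// choice, the kind of value the advisory describes, and a missing file.
if (PHP_SAPI === 'cli') {
    $dir = sys_get_temp_dir() . '/avatars_demo';
    @mkdir($dir);
    touch($dir . '/blank.gif');

    $samples = ['blank.gif', '../../../dir_on_server/anyfile.ext', 'missing.gif'];
    foreach ($samples as $value) {
        $result = validate_avatar($value, $dir) === null ? 'rejected' : 'accepted';
        printf("%-40s %s\n", $value, $result);
    }
}
```

The check belongs in the handler that stores the registration data, so that a rejected value never reaches the user record that is later rendered when the user info is viewed.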