CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-1468

The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full web server path via an invalid cid parameter that is non-numeric or null, which leaks the pathname in an error message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.8%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2003-1468

Francisco Burzi » Php-Nuke » Version: 6.0

cpe:2.3:a:francisco_burzi:php-nuke:6.0
Francisco Burzi » Php-Nuke » Version: 6.5

cpe:2.3:a:francisco_burzi:php-nuke:6.5
Francisco Burzi » Php-Nuke » Version: 6.5_beta1

cpe:2.3:a:francisco_burzi:php-nuke:6.5_beta1
Francisco Burzi » Php-Nuke » Version: 6.5_final

cpe:2.3:a:francisco_burzi:php-nuke:6.5_final
Francisco Burzi » Php-Nuke » Version: 6.5_rc1

cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc1
Francisco Burzi » Php-Nuke » Version: 6.5_rc2

cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc2
Francisco Burzi » Php-Nuke » Version: 6.5_rc3

cpe:2.3:a:francisco_burzi:php-nuke:6.5_rc3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-1468

Products

Pricing

Contact Us