CVE-2002-0483

PHP-Nuke <5.4 - Info Disclosure

Title source: llm

Description

index.php for PHP-Nuke 5.4 and earlier allows remote attackers to determine the physical pathname of the web server when the file parameter is set to index.php, which triggers an error message that leaks the pathname.

Exploits (1)

exploitdb WRITEUP VERIFIED

by godminus · textwebappsphp

https://www.exploit-db.com/exploits/21349

View Code ZIP pw:eip

References (3)

Core 3

Core References

Vendor Advisory mailing-list x_refsource_bugtraq

http://online.securityfocus.com/archive/1/263337

Vendor Advisory vdb-entry x_refsource_xf

http://www.iss.net/security_center/static/8618.php

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/4333

Scores

EPSS 0.0011

EPSS Percentile 28.7%

Details

Status published

Products (7)

francisco_burzi/php-nuke 5.0

francisco_burzi/php-nuke 5.0.1

francisco_burzi/php-nuke 5.1

francisco_burzi/php-nuke 5.2

francisco_burzi/php-nuke 5.2a

francisco_burzi/php-nuke 5.3.1

francisco_burzi/php-nuke 5.4

Published Aug 12, 2002

Tracked Since Feb 18, 2026