Description
PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by pokleyzz sakamaniaka · textwebappsphp
https://www.exploit-db.com/exploits/21357
References (3)
Core 3
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-03/0345.html
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4381
Patch vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8699.php
Scores
EPSS
0.0262
EPSS Percentile
85.8%
Details
Status
published
Products (1)
postnuke_software_foundation/postnuke
0.703
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026