Description
Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by gregory Le Bras · textwebappsphp
https://www.exploit-db.com/exploits/22277
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11424
Exploit mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2003-02/0276.html
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6917
Scores
EPSS
0.0215
EPSS Percentile
84.3%
Details
CWE
CWE-79
Status
published
Products (1)
nuked-klan/nuked-klan
1.3_beta
Published
Dec 31, 2003
Tracked Since
Feb 18, 2026