CVE-2005-1697

PostNuke <0.760 - Info Disclosure

Title source: llm

Description

The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive information via a direct request to simple_smarty.php, which reveals the path in an error message.

References (1)

[Third Party Advisory] http://marc.info/?l=bugtraq&m=111670482500552&w=2

Scores

EPSS 0.0032

EPSS Percentile 54.9%

Details

CWE

CWE-425

Status published

Products (2)

postnuke/postnuke 0.750

postnuke/postnuke 0.760 rc2 (2 CPE variants)

Published May 24, 2005

Tracked Since Feb 18, 2026