CVE-2005-1697
PostNuke 0.750 and 0.760RC2-RC3 - Information Disclosure via RSS Module Direct Request
Title source: llmDescription
The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive information via a direct request to simple_smarty.php, which reveals the path in an error message.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111670482500552&w=2
Scores
EPSS
0.0112
EPSS Percentile
62.0%
Details
CWE
CWE-425
Status
published
Products (2)
postnuke/postnuke
0.750
postnuke/postnuke
0.760 rc2 (2 CPE variants)
Published
May 24, 2005
Tracked Since
Feb 18, 2026