EIP-2026-111435
PRE-CVEPostNuke 0.7x - Install Script Administrator Password Disclosure
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-111435. PoCs published by hellsink.
AI-analyzed exploit summary This is a technical writeup describing an information disclosure vulnerability in PostNuke due to the presence of an unremoved 'install.php' script after installation, which can leak administrator credentials. The issue is trivial to exploit by accessing the script directly via a URL.
Description
PostNuke 0.7x - Install Script Administrator Password Disclosure
Exploits (1)
This is a technical writeup describing an information disclosure vulnerability in PostNuke due to the presence of an unremoved 'install.php' script after installation, which can leak administrator credentials. The issue is trivial to exploit by accessing the script directly via a URL.