CVE-2002-0483 Information

Description

index.php for PHP-Nuke 5.4 and earlier allows remote attackers to determine the physical pathname of the web server when the file parameter is set to index.php which triggers an error message that leaks the pathname.

Reference

http://online.securityfocus.com/archive/1/263337 http://www.iss.net/security_center/static/8618.php http://www.securityfocus.com/bid/4333