CVE-2004-1528 Information

Description

The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to (1) config.php (2) index.php or (3) submit.php which reveal the full path in an error message.

Reference

http://marc.info/?l=bugtraq&m=110064626111756&w=2 http://secunia.com/advisories/13213 http://www.securityfocus.com/bid/11693 http://www.waraxe.us/index.php?modname=sa&id=38 https://exchange.xforce.ibmcloud.com/vulnerabilities/18105