CVE-2004-1912 Information

Description

The (1) modules.php (2) block-Calendar.php (3) block-Calendar1.php (4) block-Calendar_center.php scripts in NukeCalendar 1.1.a as used in PHP-Nuke allow remote attackers to obtain sensitive information via a URL with an invalid argument which reveals the full path in an error message.

Reference

http://marc.info/?l=bugtraq&m=108144168932458&w=2 http://www.securityfocus.com/bid/10082 https://exchange.xforce.ibmcloud.com/vulnerabilities/15795