CVE-2005-1386 Information

Description

PHP-Nuke 7.6 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) ipban.php (2) db.php (3) lang-norwegian.php (4) lang-indonesian.php (5) lang-greek.php (6) a request to Web_Links with the portuguese language (lang-portuguese.php) (7) a request to Web_Links with the indonesian language (lang-indonesian.php) (8) a request to the survey module with the indonesian language (lang-indonesian.php) (9) a request to the Reviews module with the portuguese language or (10) a request to the Journal module with the portuguese language which reveal the path in an error message.

Reference

http://marc.info/?l=bugtraq&m=111478982629035&w=2