Skip to main content

CVE-2007-0385

Severity High
Score 7.8/10

Summary

The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full path) via "unvalidated output" in FAQ/index.php, possibly involving an undefined id_cat variable.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • COMPLETE
  • NONE

References

Advisory Timeline

  • Published