modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to gain sensitive information via an HTTP request with an invalid (1) catid or (2) clipid parameter, which reveals the full path in an error message.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Video_gallery | Oscar_fafian | 0.1_beta_5 (including) | 0.1_beta_5 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=108308660628557\u0026w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15978
- http://marc.info/?l=bugtraq\u0026m=108308660628557\u0026w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15978