CyberSec.Space Logo
Back to CVE Browser

CVE-2006-6267

HIGH
7.8
CVSS Severity Score
EPSS Score0.0770%
EPSS Percentile12.00th
PublishedDec 4, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

PostNuke 0.7.5.0, and certain minor versions, allows remote attackers to obtain sensitive information via a non-numeric value of the stop parameter, which reveals the path in an error message.

Affected Platforms (CPE)

πŸ“¦
Postnuke Software Foundation

Postnuke

= 0.7.5.0

References & Advisories

πŸ”— http://www.securityfocus.com/archive/1/452283/100/100/threaded
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/30474
πŸ”— http://www.securityfocus.com/archive/1/452283/100/100/threaded
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/30474

Related Vulnerabilities

CVE-2007-038610.0

Unspecified vulnerability in the rating section in PostNuke 0.764 has unknown impact and attack vectors, related to "an interestin...

CVE-2007-03857.8

The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full path) via "unvalidated output"...

CVE-2002-10707.5

Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki user...

CVE-2001-14607.5

SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the ...