返回 CVE 瀏覽器

CVE-2006-6267

HIGH

7.8

CVSS Severity Score

EPSS Score0.0770%

EPSS Percentile12.00th

Published2006年12月4日

Last Modified2026年4月23日

Vulnerability Description

PostNuke 0.7.5.0, and certain minor versions, allows remote attackers to obtain sensitive information via a non-numeric value of the stop parameter, which reveals the path in an error message.

Affected Platforms (CPE)

📦

Postnuke Software Foundation

Postnuke

= 0.7.5.0

References & Advisories

🔗 http://www.securityfocus.com/archive/1/452283/100/100/threaded

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30474

🔗 http://www.securityfocus.com/archive/1/452283/100/100/threaded

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30474

相關漏洞威脅

CVE-2007-038610.0

Unspecified vulnerability in the rating section in PostNuke 0.764 has unknown impact and attack vectors, related to "an interestin...

CVE-2007-03857.8

The faq section in PostNuke 0.764 allows remote attackers to obtain sensitive information (the full path) via "unvalidated output"...

CVE-2002-10707.5

Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki user...

CVE-2001-14607.5

SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the ...