CVE-2004-2296

Name of the Vulnerable Software and Affected Versions: PHP-Nuke versions 6.0 through 7.3

Description: The issue allows remote attackers to obtain sensitive information via an invalid date parameter in the preview review function, which generates an error message when running on Windows systems.

Recommendations: For PHP-Nuke versions 6.0 through 7.3, consider restricting access to the preview review function in the Reviews module until a patch is available. As a temporary workaround, avoid using invalid date parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.