CVE-2003-1526

Name of the Vulnerable Software and Affected Versions PHP-Nuke version 7.0

Description The issue allows remote attackers to obtain the installation path by entering certain characters, such as `, ', or >, in the search field. This input reveals the path in an error message, potentially exposing sensitive information.

Recommendations For PHP-Nuke version 7.0, consider validating and sanitizing user input in the search field to prevent the disclosure of the installation path. As a temporary workaround, restrict access to the search functionality until a proper fix is implemented.