CVE-2005-0998

Name of the Vulnerable Software and Affected Versions PHP-Nuke version 7.6

Description The issue allows remote attackers to obtain sensitive information via an invalid show parameter. This triggers a division by zero PHP error, which leaks the full pathname of the server.

Recommendations For PHP-Nuke version 7.6, consider restricting access to the Web Links module until a patch is available. As a temporary workaround, avoid using the show parameter in the affected module to minimize the risk of exploitation.