VULHUB ™

PHP Nuke AddOn is a set of modules that can add functionality to the popular PHP-Nuke website creation/maintenance tool. An issue exists with PHPNuke AddOn which allows local attackers to break out of webroot and read arbitrary files. When PHPNuke AddOn theme files validate PHP blocks they will attempt to open any files they find. This issue may be exploitable remotely if the attacker has a way to upload files to the host, via anonymous ftp or some other avenue.

PHP Nuke AddOn is a set of modules that can add functionality to the popular PHP-Nuke website creation/maintenance tool. An issue exists with PHPNuke AddOn which allows local attackers to break out of webroot and read arbitrary files. When PHPNuke AddOn theme files validate PHP blocks they will attempt to open any files they find. This issue may be exploitable remotely if the attacker has a way to upload files to the host, via anonymous ftp or some other avenue.