CVE: CVE-2005-1698

Export to Word

PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitive information via a direct request to (1) theme.php or (2) Xanthia.php in the Xanthia module, (3) user.php, (4) thelang.php, (5) text.php, (6) html.php, (7) menu.php, (8) finclude.php, or (9) button.php in the pnblocks directory in the Blocks module, (10) config.php in the NS-Multisites (aka Multisites) module, or (11) xmlrpc.php, which reveals the path in an error message.

Threat-Mapped Scoring

Score: 3.0

Priority: P2 - Serious (High)

S1 – Steal Customer Account Information

EPSS

Score: 0.00319
Percentile: 0.54372

CVSS Scoring

CVSS v2 Score: 5.0

Severity:

Mapped CWE(s)

CWE-425 : Direct Request ('Forced Browsing')

All CAPEC(s)

CAPEC-127: Directory Indexing
CAPEC-143: Detect Unpublicized Web Pages
CAPEC-144: Detect Unpublicized Web Services
CAPEC-668: Key Negotiation of Bluetooth Attack (KNOB)
CAPEC-87: Forceful Browsing

CAPEC(s) with Mapped TTPs

CAPEC-127: Directory Indexing
Mapped TTPs:
- T1083 : File and Directory Discovery
CAPEC-668: Key Negotiation of Bluetooth Attack (KNOB)
Mapped TTPs:
- T1565.002 : Transmitted Data Manipulation

Mapped ATT&CK TTPs

T1083 : File and Directory Discovery
Kill Chain: discovery
T1565.002 : Transmitted Data Manipulation
Kill Chain: impact

Malware

APTs Threat Group Associations

Campaigns

Operation Wocao
SolarWinds Compromise
Operation CuckooBees
Operation Honeybee
Operation Dream Job
C0015
Night Dragon
KV Botnet Activity

Affected Products

cpe:2.3:a:postnuke:postnuke:0.750:*:*:*:*:*:*:*
cpe:2.3:a:postnuke:postnuke:0.760:rc3:*:*:*:*:*:*

← Back to Home