SECUNIA ADVISORY ID:
Unknown, Exposure of sensitive information
Radek Hulan has reported a vulnerability in BLOG:CMS, PunBB and
Nucleus, potentially allowing malicious people to gain system
The problem is that input used to include files isn’t properly
validated. This may allow malicious people to include arbitrary files
from local and external resources if “register_globals” is set to
No further information is currently available.
This affects the following versions:
BLOG:CMS prior to 3.1.4
PunBB prior to 1.1.5
Nucleus prior to 3.0.1
The following versions are not vulnerable:
PROVIDED AND/OR DISCOVERED BY:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
Definitions: (Criticality, Where etc.)
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.