SonicBB 1.0 allows remote attackers to obtain sensitive information via the (1) by[] parameter to search.php, (2) p[] parameter to viewforum.php, and the (3) id parameter to (a) viewforum.php or (b) members.php, which reveal the installation path in the resulting error message.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-05-14T21:00:00
Updated: 2018-10-16T14:57:01
Reserved: 2007-04-10T00:00:00
Link: CVE-2007-1901
JSON object: View
NVD Information
Status : Modified
Published: 2007-05-14T21:19:00.000
Modified: 2018-10-16T16:41:13.617
Link: CVE-2007-1901
JSON object: View
Redhat Information
No data.
CWE