index.php in Destiney Links Script 2.1.2 allows remote attackers to obtain the installation path via an invalid show parameter referencing a non-existent file, which reveals the path in the resulting error message. NOTE: this issue might be resultant from a more serious issue such as directory traversal.
References
Configurations
History
No history.
Information
Published : 2006-05-22 23:10
Updated : 2024-02-04 16:52
NVD link : CVE-2006-2535
Mitre link : CVE-2006-2535
CVE.ORG link : CVE-2006-2535
JSON object : View
Products Affected
greg_donald
- destiney_links_script
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor