Information Disclosure: Full Path Disclosure in Powerboards 2.2b

Information Disclosure: Full Path Disclosure in Powerboards 2.2b

CVE-2002-1723 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Powerboards 2.2b allows remote attackers to view the full path to the backend database by sending a cookie containing a non-existent username to profiles.php, which displays the full path in the error message.

Learn more about our User Device Pen Test.