Sensitive Information Disclosure in PhpBB 2.0.8 via Invalid Parameters

Sensitive Information Disclosure in PhpBB 2.0.8 via Invalid Parameters

CVE-2004-0729 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

PhpBB 2.0.8 allows remote attackers to gain sensitive information via an invalid (1) category_rows parameter to index.php, (2) faq parameter to faq.php, or (3) ranksrow parameter to profile.php, which reveal the full path in an error message.

Learn more about our Web Application Penetration Testing UK.