Kreotek : Security Vulnerabilities, CVEs, (Information Leak)
phpBMS 0.96 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) the show action in advancedsearch.php, and (4) choicelist.php, which reveals the installation path in an error message.
Max CVSS
5.0
EPSS Score
0.30%
Published
2009-10-22
Updated
2017-09-19
1 vulnerabilities found