mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-23 00:03:27 +00:00
721 B
721 B
CVE-2005-4358
Description
admin/admin_disallow.php in phpBB 2.0.18 allows remote attackers to obtain the installation path via a direct request with a non-empty setmodules parameter, which causes an invalid append_sid function call that leaks the path in an error message.
POC
Reference
Github
No PoCs found on GitHub currently.