XOOPS 2.0 XoopsOption - Information Disclosure

EDB-ID:

22389




Platform:

PHP

Date:

2003-03-20


source: https://www.securityfocus.com/bid/7149/info

XOOPS has been reported vulnerable to an information disclosure vulnerability. According to the report, path information and other sensitive data may be output in server error messages. Information obtained in this manner may be used by an attacker to launch further attacks against a vulnerable system. This vulnerability was reported to affect XOOPS version 2.0. It is not currently known if other versions are affected.

http://www.example.com/index.php?xoopsOption=any_word