CVE-2005-2053
Just another flat file JAF CMS before 3.0 Final allows remote attackers to obtain sensitive information via 1 an asterisk in the id parameter, 2 a blank id parameter, or 3 an asterisk in the disp parameter to index.php, which reveals the path in an error message. NOTE: a followup suggests that th...