CVE-2007-0692
DGNews 2.1 is affected by a path-disclosure vulnerability (CVE-2007-0692) in news.php (fullnews) when an invalid newsid parameter is supplied, potentially revealing server paths via error messages. The issue is triggered by the fullnews/news.php flow and related error output, with the advisory no...