2 matches found
CVE-2007-1901
SonicBB 1.0 allows remote attackers to obtain sensitive information via the 1 by parameter to search.php, 2 p parameter to viewforum.php, and the 3 id parameter to a viewforum.php or b members.php, which reveal the installation path in the resulting error message...
CVE-2007-1901
SonicBB 1.0 is affected by CVE-2007-1901. The vulnerability stems from error messages generated by search.php (parameter by[]), viewforum.php (p[]), and viewforum.php/members.php (id), which publicly disclose the server installation path. Impact is information disclosure (partial confidentiality)...