CVE-2009-2304
The CVE-2009-2304 entry describes an information disclosure in Aardvark Topsites PHP 5.2.0 and earlier. Specifically, index.php handling the rate action accepts a nonexistent account name via the u parameter, causing an error message that reveals the installation path. The vulnerability is labele...