CVE-2008-7154
Docebo 3.5.0.3 and earlier allows remote attackers to obtain sensitive information via a direct request to 1 class/class.conffw.php, 2 class.module/class.eventmanager.php, 3 lib/lib.domxml5.php, or 4 menu/menuover.php in doceboCore/; or 5 class/class.confcms.php, 6 lib/lib.compose.php, 7...