Path traversal

TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to obtain the installation path via a direct request to 1 admin/includecalendar.php, 2 tiki-rsserror.php, or 3 tiki-watershedservice.php...