2007-10-18 10:00:00
mitre
PUBLISHED
Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message board via a direct request to add.php, which leaks the path in an error message.