2005-03-07 05:00:00
mitre
PUBLISHED
index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message.