2005-11-16 07:37:00
mitre
PUBLISHED
Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message.