2004-12-15 05:00:00
mitre
PUBLISHED
parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote attackers to gain sensitive information via an invalid file parameter, which reveals the web servers installation path.