2005-03-07 05:00:00
mitre
PUBLISHED
phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive information via a direct request to oracle.php, which reveals the path in a PHP error message.