CVE-2005-0326 | HackTesting

pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive information via an invalid or missing action parameter, which reveals the path in an error message when it cannot include a login.php script.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/19175

http://marc.info/?l=bugtraq&m=110720365923818&w=2