index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to obtain sensitive information by setting the debug parameter.Referenceshttp://www.osvdb.org/13787http://secunia.com/advisories/14284http://lostmon.blogspot.com/2005/02/mercuryboard-debug-information.html
