topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtain sensitive information via an invalid topic parameter, which reveals the path in an error message.Referenceshttp://marc.info/?l=bugtraq&m=111592417803514&w=2
