CVE-2009-2115
admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to obtain sensitive information via an invalid id parameter, which reveals the installation path in an error message.
Date published : 2009-06-18
http://www.securityfocus.com/archive/1/504302/100/0/threaded