CVE-2005-4172

eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information via a direct request to storyblock.php without arguments, which leaks the full pathname in the resulting PHP error message.

Date published : 2005-12-11

http://www.securityfocus.com/bid/15568

http://archives.neohapsis.com/archives/bugtraq/2005-11/0301.html