CVE-2007-0490
index.php in Open-Realty 2.3.4 allows remote attackers to obtain sensitive information (the full path) via an invalid listingID parameter in a listingview action.
Date published : 2007-01-24
http://www.securityfocus.com/archive/1/457676/100/0/threaded