CVE-2007-2250

admin.php in Phorum before 5.1.22 allows remote attackers to obtain the full path via the module[] parameter.

Date published : 2007-04-25

http://www.securityfocus.com/bid/23616

http://www.securityfocus.com/archive/1/466286/100/0/threaded