CVE-2004-1528 - Hurry scurry Dab
Description
The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to (1) config.php (2) index.php or (3) submit.php which reveal the full path in an error message.
Reference
http://www.securityfocus.com/bid/11693 http://secunia.com/advisories/13213 http://www.waraxe.us/index.php?modname=sa&id=38 http://marc.info/?l=bugtraq&m=110064626111756&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18105