CVE-2004-1528 - Hurry scurry Dab

Description

The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information via an HTTP request to (1) config.php (2) index.php or (3) submit.php which reveal the full path in an error message.

Reference

http://www.securityfocus.com/bid/11693 http://secunia.com/advisories/13213 http://www.waraxe.us/index.php?modname=sa&id=38 http://marc.info/?l=bugtraq&m=110064626111756&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18105