pdesk.cgi in PerlDesk allows remote malicious users to gain sensitive information via an invalid lang parameter, which includes pathname information in an error message.
logicnow perldesk