pafiledb.php in PaFileDB 3.1 allows remote malicious users to gain sensitive information via an invalid or missing action parameter, which reveals the path in an error message when it cannot include a login.php script.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
php arena pafiledb 3.1 |