index.php in Lifetype 1.0.3 allows remote malicious users to obtain sensitive information via an invalid show parameter, which reveals the path in an error message.
lifetype lifetype 1.0.3