details.php in Easy Ad-Manager allows remote malicious users to obtain the full installation path via an invalid mbid parameter, which leaks the path in an error message. NOTE: this might be resultant from another vulnerability, since this vector also produces cross-site scripting (XSS). NOTE: on 20060829, the vendor notified CVE that this issue has been fixed.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
easy ad-manager easy ad-manager |