SimpNews 2.41.03 on Windows, when PHP prior to 5.0.0 is used, allows remote malicious users to obtain sensitive information via an certain link_date parameter to events.php, which reveals the path in an error message due to an unsupported argument type for the mktime function on Windows.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
boesch-it simpnews 2.41.03 |
||
php php |