CVE-2004-0066 Information

Description

phpGedView before 2.65 allows remote attackers to obtain the absolute path of the web server via malformed parameters to (1) indilist.php (2) famlist.php (3) placelist.php (4) imageview.php (5) timeline.php (6) clippings.php (7) login.php and (8) gdbi.php.

Reference

http://marc.info/?l=bugtraq&m=107394912715478&w=2 http://www.osvdb.org/3464 https://exchange.xforce.ibmcloud.com/vulnerabilities/14215