CVE-2005-0603 Information

Description

viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to obtain sensitive information via a highlight parameter containing invalid regular expression syntax which reveals the path in a PHP error message.

Reference

http://marc.info/?l=bugtraq&m=110943646112950&w=2 http://neossecurity.net/Advisories/Advisory-06.txt http://secunia.com/advisories/14413 http://www.phpbb.com/phpBB/viewtopic.php?t=267563