CVE-2005-1028 Information

Description

PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct request to (1) index.php with the forum_admin parameter set (2) the Surveys module or (3) the Your_Account module which reveals the path in a PHP error message.

Reference

http://marc.info/?l=bugtraq&m=111272010303144&w=2