CVE-2005-2003 Information

Description

Ultimate PHP Board (UPB) 1.9.6 GOLD allows remote attackers to obtain sensitive information via an invalid (zero) id parameter to (1) viewtopic.php (2) profile.php or (3) newpost.php which reveals the path in an error message.

Reference

http://marc.info/?l=bugtraq&m=111893777504821&w=2 http://secunia.com/advisories/15732