CVE-2005-2887 Information

Description

MAXdev MD-Pro 1.0.73 and possibly earlier versions allows remote attackers to obtain sensitive information via a direct request to (1) wiki.php (2) AutoTheme directory (3) Blocks directory (4) admin.php (5) pnadmin.php or (6) Topics directory which reveal the path in an error message.

Reference

http://marc.info/?l=bugtraq&m=112603835317458&w=2 http://rgod.altervista.org/maxdev1073.html http://secunia.com/advisories/16731/ https://exchange.xforce.ibmcloud.com/vulnerabilities/22201