CVE-2005-2895 Information

Description

setcookie.php in PBLang 4.65 and possibly earlier versions allows remote attackers to obtain sensitive information via a 00 (a null byte) in the u parameter which reveals the path in an error message.

Reference

http://marc.info/?l=bugtraq&m=112611338417979&w=2 http://securitytracker.com/alerts/2005/Sep/1014861.html https://exchange.xforce.ibmcloud.com/vulnerabilities/22191