CVE-2006-3091 Information

Description

PhpMyFactures 1.0 and possibly 1.2 and earlier allows remote attackers to obtain the installation path via a direct request to (1) /verif.php (2) /inc/footer.php and (3) /remises/ajouter_remise.php.

Reference

http://secunia.com/advisories/20642 http://securityreason.com/securityalert/1111 http://www.acid-root.new.fr/advisories/phpmyfactures.txt http://www.osvdb.org/26486 http://www.osvdb.org/26487 http://www.osvdb.org/26488 http://www.securityfocus.com/archive/1/437025/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/27205