CVE-2006-3386 Information

Description

index.php in Vincent Leclercq News 5.2 allows remote attackers to obtain sensitive information such as the installation path via a mail[] parameter with invalid values.

Reference

http://secunia.com/advisories/20936 http://www.acid-root.new.fr/advisories/news52.txt http://www.securityfocus.com/archive/1/438859/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/27506