CVE-2006-7062 Information

Description

calendar.php in Kamgaing Email System (kmail) 2.3 and earlier allows remote attackers to obtain the full path of the server via an invalid d parameter which leaks the path in an error message.

Reference

http://pridels0.blogspot.com/2006/04/kmail-23-vuln.html http://www.osvdb.org/25065 https://exchange.xforce.ibmcloud.com/vulnerabilities/26120