CVE-2009-2115 Information

Description

admin.php in SkyBlueCanvas 1.1 r237 allows remote authenticated administrators to obtain sensitive information via an invalid id parameter which reveals the installation path in an error message.

Reference

http://secunia.com/advisories/35478 http://www.securityfocus.com/archive/1/504302/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/51164