Sensitive Information Disclosure in PnTresMailer 6.03 via Invalid filetohighlight Parameter

Sensitive Information Disclosure in PnTresMailer 6.03 via Invalid filetohighlight Parameter

CVE-2004-1205 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

codebrowserpntm.php in PnTresMailer 6.03 allows remote attackers to gain sensitive information via an invalid filetohighlight parameter, which reveals the full path in an error message.

Learn more about our Web Application Penetration Testing UK.