modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to gain sensitive information via an HTTP request with an invalid (1) catid or (2) clipid parameter, which reveals the full path in an error message.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Video_gallery | Oscar_fafian | 0.1_beta_5 (including) | 0.1_beta_5 (including) |