Mafia Moblog 0.6M1 and earlier allows remote attackers to obtain the installation path in an error message via a direct request to (1) big.php and (2) upgrade.php.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Mafia_moblog |
Mafia_moblog |
* |
0.6m1 (including) |
References