images/captcha.php in RavenNuke 2.30 allows remote attackers to obtain sensitive information via an aFonts array parameter value that does not correspond to a valid font file, which reveals the installation path in an error message.
References
Configurations
Information
Published : 2009-02-22 14:30
Updated : 2018-10-10 12:30
NVD link : CVE-2009-0678
Mitre link : CVE-2009-0678
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
ravenphpscripts
- ravennuke