CVE-2005-1235

Name of the Vulnerable Software and Affected Versions: phpbb-Auction versions 1.2m and earlier

Description: The issue allows remote attackers to obtain sensitive information via an invalid mode parameter. This is achieved by leaking the full path in a PHP error message when the mode parameter is invalid.

Recommendations: For phpbb-Auction versions 1.2m and earlier, consider validating and sanitizing the mode parameter to prevent the leakage of sensitive information. As a temporary workaround, restrict access to the auction my auctions.php file until a proper fix is applied.