CVE-2006-5138

Name of the Vulnerable Software and Affected Versions Groupee UBB.threads version 6.5.1.1

Description The issue allows remote attackers to obtain sensitive information via a direct request for "cron/php/subscriptions.php", which reveals the path in an error message.

Recommendations For version 6.5.1.1, consider restricting access to the "cron/php/subscriptions.php" endpoint to minimize the risk of exploitation. As a temporary workaround, avoid using this endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.