CVE-2007-2780

Name of the Vulnerable Software and Affected Versions PsychoStats versions 3.0.6b and earlier

Description The issue allows remote attackers to obtain sensitive information via a request for "server.php" with a missing or invalid newtheme parameter, which reveals a path in an error message.

Recommendations For PsychoStats versions 3.0.6b and earlier, update to a version later than 3.0.6b to resolve the issue. As a temporary workaround, consider restricting access to the "server.php" endpoint to minimize the risk of exploitation.