PT-2010-1746 · Adpeeps · Adpeeps

Published: 2010-07-22 · Updated: 2018-10-10 · CVE-2009-4943

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: AdPeeps version 8.5d1

Description: The issue allows remote attackers to obtain sensitive information. This can be achieved through the "index.php" file by either using a "view adrates" action with an invalid uid parameter, which reveals the installation path in an error message, or by using an "adminlogin" action with a crafted uid parameter, which reveals the version number.

Recommendations: For AdPeeps version 8.5d1, consider restricting access to the "index.php" file to minimize the risk of exploitation. As a temporary workaround, avoid using the uid parameter in the affected actions until the issue is resolved.

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

CVE-2009-4943

Affected Products

Adpeeps