Xoops · Xoops · CVE-2003-1550
**Name of the Vulnerable Software and Affected Versions**
XOOPS versions 2.0 and earlier
**Description**
The issue allows remote attackers to obtain sensitive information via an invalid `xoopsOption` parameter. This is achieved by revealing the installation path in an error message.
**Recommendations**
For XOOPS versions 2.0 and earlier, consider restricting access to the vulnerable parameter `xoopsOption` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.