PT-2002-2445 · Unknown · Powerboards
Published: 2002-12-31 · Updated: 2017-07-11 · CVE-2002-1723
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Powerboards version 2.2b
Description
The issue allows remote attackers to view the full path to the backend database. This can be achieved by sending a cookie containing a non-existent username to the "profiles.php" endpoint, which displays the full path in the error message.
Recommendations
For Powerboards version 2.2b, consider restricting access to the "profiles.php" endpoint until a patch is available, or modify the error handling to prevent the disclosure of sensitive path information.
Fix
Related identifiers
Affected products
Powerboards