CVE-2006-0113

Name of the Vulnerable Software and Affected Versions: Enhanced Simple PHP Gallery version 1.7

Description: The issue allows remote attackers to obtain the full path of the application. This is achieved via a direct request to the "sp helper functions.php" endpoint, which leaks the pathname in an error message.

Recommendations: For Enhanced Simple PHP Gallery version 1.7, consider restricting access to the "sp helper functions.php" endpoint until a patch is available. As a temporary workaround, disabling error messages that reveal sensitive information, such as pathnames, can help minimize the risk of exploitation.