PT-2006-6440 · Rhadrix · Rhadrix If-Cms

Benjamin Moss +1 · Published 2006-11-06 · Updated 2024-02-14 · CVE-2006-5759

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Rhadrix If-CMS versions 1.01 through 2.07
Description: The issue allows remote attackers to obtain the full path of the web server. This is achieved by providing empty arguments, specifically rns[] or pag[], which results in an error message that reveals the path.
Recommendations: For versions 1.01 through 2.07, consider restricting access to the index.php file until a fix is available. As a temporary workaround, avoid using empty rns[] or pag[] arguments in API endpoints to minimize the risk of path disclosure.

Related Identifiers

CVE-2006-5759

Affected Products

Rhadrix If-Cms