https://www.exploit-db.com/exploits/22704

漏洞细节尚未披露

source: http://www.securityfocus.com/bid/7774/info

Webchat has been reported prone to a path disclosure weakness.

Reportedly an attacker may make a malicious HTTP request for several Webchat PHP scripts to trigger the condition. Under some circumstances the request will trigger an exception, causing Webchat to display an error message, which may possibly contain sensitive path information.

This weakness was reported to affect Webchat version 2.0 other versions may also be affected. 

http://www.example.com/modules/WebChat/out.php
http://www.example.com/modules.php?op=modload&name=WebChat&file=index&roomid=Non_Numeric
http://www.example.com/modules/WebChat/in.php
http://www.example.com/modules/WebChat/quit.php
http://www.example.com/modules/WebChat/users.php