EIP-2026-111582

This is a writeup describing a Full Path Disclosure vulnerability in PunBB 1.3.4. The vulnerability allows an attacker to disclose the root path of a website by manipulating input parameters in search.php, userlist.php, and moderate.php.