Unspecified vulnerability in subheader.php in PHP-Fusion 6.00.206 and earlier allows remote attackers to obtain the full path via unspecified vectors.
http://www.vupen.com/english/advisories/2005/2504
http://secunia.com/advisories/17664
http://seclists.org/lists/bugtraq/2005/Nov/0237.html