source: https://www.securityfocus.com/bid/8401/info HostAdmin is prone to a path disclosure vulnerability. Passing invalid data to the HostAdmin site will cause an error message to be displayed, which contains installation path information. http://www.example.com/pathofhostadmin/?page='