CVE 2007-5119
JSPWiki 2.4.103 and 2.5.139-beta allows remote attackers to obtain sensitive information (full path) via an invalid integer in the version parameter to the default URI under attach/Main/.
See the
CVE page on Mitre.org
for more details.