Topic: "PHP image protection" (page 2 of 2)

Towley
Interesting and useful link. Thank you for sharing. :)
I guess the site will only find sites sharing the same IP, but not sharing the same box.

All in all I think shared webhosting is the security problem there, not the full path disclosure.

DigitalAcid
This probably won't help a lot, but I wanted to share it =)

http://swcnet.co.cc/images/disallowimg.php => Says it can't show the picture "http://swcnet.co.cc/images/disallowimg.php" because it contains errors (In the title it says PNG-picture).

Then I try to view the source like this =>
view-source:http://swcnet.co.cc/images/disallowimg.php
Now the title says this: (APPLICATION/X-VIEW-SOURCE-picture).

So I searched google and found this interesting thing:
http://people.mozilla.com/~mnandigama/codecoverage_html/layout/build/nsContentDLF.cpp.gcov.html
aceldama
@Towley:
the thing about shared hosting is that if you have the same IP you have the same box. the only thing that happens is that your DNS server gets a different DNS name linked to its own directory on the host box. 123-reg.co.uk actually facilitates this option with their (for lack of a better word) partner myserverworld.com.

EDIT: and it seems I was wrong about it being on its own box after all. it definitely uses shared hosting:
Reverse Domain Lookup on swcnet.co.cc has found :
Host Name : hostecs.net
Host IP : 66.197.236.149

Number of domains found on IP: 39
Edited by aceldama on 12.02.2010 19:33:34
Towley
I think it's possible to have a server farm of multiple boxes behind a single IP.
so it would be possible that 20 sites are on Box A, and another 20 on Box B, wouldn't it?
aceldama
oh, didn't think of that. I shall look into it. thanks for pointing it out. that might explain a problem I've been experiencing "in the field"...
aceldama
also, have you noticed that bright shadows also throws a different error if you have too long a session id? the data's properly caught though. all it says is "A PHP-internal error occurred" or something like that. ;)
Edited by aceldama on 12.02.2010 21:45:44
Towley
:)

and here is some pseudocode to catch it software-wise:

$sessname = session_name();   # name of the session cookie, "PHPSESSID" by default
$sesslen  = 32;               # expected ID length; varies with session.hash_function and session.hash_bits_per_character
if (!isset($_COOKIE[$sessname])) { /* no cookie: nothing to validate, session_start() will issue one */ }
elseif (!preg_match('/^[a-zA-Z0-9]{' . $sesslen . '}$/', $_COOKIE[$sessname])) {   # add ',-' to the class if hash_bits_per_character is 6
    unset($_COOKIE[$sessname]);  # malformed cookie: drop it so session_start() mints a fresh ID instead of warning
}

session_start(); # .... warnings be gone ...


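A fuller version of the same check, written here as an added example (not code from Towley's post or from the site under discussion): it derives the expected session-ID length and alphabet from PHP's own ini settings instead of hard-coding 32, drops a malformed cookie before session_start() so PHP never emits the warning that leaks the script path, and turns display_errors off as a second line of defence. The function names expected_session_id_pattern() and session_cookie_is_valid() are my own; the ini settings and PHP alphabets are the real ones.

```php
<?php
// Added example, not from the thread: derive the expected session-ID shape from PHP's
// own ini settings, then refuse to call session_start() with a malformed cookie.

function expected_session_id_pattern()
{
    if (PHP_VERSION_ID >= 70100) {
        // PHP 7.1+: length and alphabet are configured directly
        $len  = (int) ini_get('session.sid_length');             // default 32
        $bits = (int) ini_get('session.sid_bits_per_character'); // default 4
    } else {
        // Older PHP: length follows the hash function (0 = MD5, 1 = SHA-1, or an ext/hash name)
        $func = (string) ini_get('session.hash_function');
        if ($func === '0' || $func === '') { $hashBits = 128; }
        elseif ($func === '1')             { $hashBits = 160; }
        else                               { $hashBits = 8 * strlen(hash($func, '', true)); }
        $bits = (int) ini_get('session.hash_bits_per_character'); // 4, 5 or 6
        if ($bits < 4) { $bits = 4; }                             // ini default when unset
        $len  = (int) ceil($hashBits / $bits);
    }
    // Character set PHP uses for each bits-per-character setting
    $classes = array(4 => '0-9a-f', 5 => '0-9a-v', 6 => '0-9a-zA-Z,-');
    $class = isset($classes[$bits]) ? $classes[$bits] : '0-9a-zA-Z,-';
    return '/^[' . $class . ']{' . $len . '}\z/';
}

function session_cookie_is_valid()
{
    $name = session_name();
    return isset($_COOKIE[$name])
        && preg_match(expected_session_id_pattern(), $_COOKIE[$name]) === 1;
}

$name = session_name();
if (isset($_COOKIE[$name]) && !session_cookie_is_valid()) {
    // PHP takes the incoming ID from $_COOKIE, so dropping it makes session_start()
    // mint a fresh ID silently instead of warning about the bad one.
    unset($_COOKIE[$name]);
    error_log('Rejected malformed session cookie from ' . $_SERVER['REMOTE_ADDR']);
}
// Keep error text out of the response regardless, so no warning can reveal the script path.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
session_start();
```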
aceldama
nice. was wondering about that... :) (ps - used and applied successfully. thanks a lot)