Описание
MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to obtain sensitive information via certain requests to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php, which reveals the installation path in an error message.
MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to obtain sensitive information via certain requests to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php, which reveals the installation path in an error message.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-7212
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39983
- http://archives.neohapsis.com/archives/bugtraq/2008-02/0444.html
- http://forum.mambo-foundation.org/showthread.php?t=10158
- http://osvdb.org/42529
- http://secunia.com/advisories/28670
- http://www.bugreport.ir/index_33.htm
- http://www.securityfocus.com/archive/1/487128/100/200/threaded
- http://www.vupen.com/english/advisories/2008/0325
EPSS
CVE ID
Связанные уязвимости
MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to obtain sensitive information via certain requests to mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php, which reveals the installation path in an error message.
EPSS