Описание
Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488.
Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-2891
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68881
- http://bl0g.yehg.net/2011/04/joomla-161-and-lower-information.html
- http://developer.joomla.org/security/news/341-20110402-core-information-disclosure.html
- http://www.openwall.com/lists/oss-security/2011/06/27/6
- http://www.openwall.com/lists/oss-security/2011/06/27/8
Связанные уязвимости
nvd
больше 14 лет назад
Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488.