CVE-2011-3747Sensitive Information Exposure in Joomla !

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 47.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Joomla !
Timeline
PublishedSep 23
Latest updateMay 17

Description

Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDjoomla/joomla_!1.6.0

🔴Vulnerability Details

1
GHSA
GHSA-pqhf-cr3x-3p3x: Joomla! 12022-05-17

💥Exploits & PoCs

1
Exploit-DB
RealNetworks RealPlayer - CDDA URI Initialization (Metasploit)2011-03-17