Joomla : Security Vulnerabilities, CVEs, Published In 2011 (Information Leak)
Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php.
Max CVSS
5.0
EPSS Score
0.44%
Published
2011-09-23
Updated
2012-03-12
Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488.
Max CVSS
5.0
EPSS Score
0.73%
Published
2011-07-27
Updated
2017-08-29
The MediaViewMedia class in administrator/components/com_media/views/media/view.html.php in Joomla! 1.5.23 and earlier allows remote attackers to obtain sensitive information via vectors involving the base variable, leading to disclosure of the installation path, a different vulnerability than CVE-2011-2488.
Max CVSS
5.0
EPSS Score
0.29%
Published
2011-07-27
Updated
2017-08-29
templates/system/error.php in Joomla! before 1.5.23 might allow remote attackers to obtain sensitive information via unspecified vectors that trigger an undefined value of a certain error field, leading to disclosure of the installation path. NOTE: this might overlap CVE-2011-2488.
Max CVSS
5.0
EPSS Score
0.34%
Published
2011-07-27
Updated
2017-08-29
Joomla! before 1.5.23 does not properly check for errors, which allows remote attackers to obtain sensitive information via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.52%
Published
2011-07-27
Updated
2011-07-28
5 vulnerabilities found