Information Disclosure Vulnerability in b2evolution by b2evolution
CVE-2011-3709

Currently unrated

Key Information:

Vendor: B2evolution
Status: B2evolution
Vendor: CVE Published:; 23 September 2011

🔔 Create B2evolution Vulnerability Alert

What is CVE-2011-3709?

The b2evolution 3.3.3 version contains a vulnerability that allows remote attackers to gain access to sensitive information by sending direct requests to specific .php files. This flaw can expose the installation path in error messages, posing a risk for unauthorized access to critical setup details, particularly linked to locales such as ru_RU/ru-RU.locale.php. It is crucial for users to implement proper security measures to mitigate the potential impacts of this vulnerability.

References

http://www.openwall.com/lists/oss-security/2011/06/27/6

mailing-listx_refsource_MLIST

http://code.google.com/p/inspathx/source/browse/trunk/pat...

x_refsource_MISC

http://code.google.com/p/inspathx/source/browse/trunk/pat...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 23, 2011

JSON