Information Disclosure Vulnerability in phpBook 2.1.0 by phpBook
CVE-2011-3771

Currently unrated

Key Information:

Vendor: Gnu
Status: PHPbook
Vendor: CVE Published:; 24 September 2011

Summary

In phpBook version 2.1.0, an information disclosure vulnerability exists that allows remote attackers to gain insights into sensitive installation paths. This is achieved through direct requests to specific .php files, resulting in error messages that inadvertently reveal crucial data, such as the installation directory. Examples of the affected files include doc/update_smilies_1.50-1.60.php. This exposure can lead to further attacks and exploitation if sensitive directory structures are divulged.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/70601

vdb-entryx_refsource_XF

http://www.openwall.com/lists/oss-security/2011/06/27/6

mailing-listx_refsource_MLIST

http://code.google.com/p/inspathx/source/browse/trunk/pat...

x_refsource_MISC

Timeline

Vulnerability published
Sep 24, 2011
Vulnerability Reserved
Sep 23, 2011