Information Disclosure Vulnerability in phpwcms by phpwcms
CVE-2011-3789

Currently unrated

Key Information:

Vendor

PHPwcms

Status
PHPwcms
Vendor
CVE Published:
24 September 2011

What is CVE-2011-3789?

The vulnerability in phpwcms version 1.4.7 r412 allows remote attackers to exploit certain PHP files directly, potentially revealing sensitive installation paths through error messages. In particular, files such as template/inc_script/frontend_render/disabled/majonavi.php can be targeted, leading to unintended exposure of system configuration and other sensitive data.

References

http://code.google.com/p/inspathx/source/browse/trunk/pat...
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2011/06/27/6
mailing-listx_refsource_MLIST
http://code.google.com/p/inspathx/source/browse/trunk/pat...
x_refsource_MISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.