Description
The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.
Remediation
References
Related Vulnerabilities
silverstripeCMS Other Vulnerability (CVE-2007-2321)
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-34944)
Oracle Database Server CVE-2019-2517 Vulnerability (CVE-2019-2517)
WordPress Plugin Responsive WordPress Slider-Avartan Slider Lite Cross-Site Scripting (1.4)
WordPress Plugin InstaWP Connect-1-click WP Staging & Migration Arbitrary File Upload (0.1.0.38)