Description
The MediaViewMedia class in administrator/components/com_media/views/media/view.html.php in Joomla! 1.5.23 and earlier allows remote attackers to obtain sensitive information via vectors involving the base variable, leading to disclosure of the installation path, a different vulnerability than CVE-2011-2488.
Remediation
References
Related Vulnerabilities
Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.6.3)
Display Users SQL Injection (2.0.0)
Custom Menu Cross-Site Scripting (1.3.3)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5293)
MediaWiki Improper Input Validation Vulnerability (CVE-2010-1189)