Description
Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488.
Remediation
References
Related Vulnerabilities
Lighttpd Integer Overflow or Wraparound Vulnerability (CVE-2019-11072)
PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-0754)
WordPress Plugin Royal PrettyPhoto Cross-Site Scripting (1.2)
Oracle JRE CVE-2013-2455 Vulnerability (CVE-2013-2455)
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (6.6.4)