Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3829)

Description

Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header.

Remediation

References

Related Vulnerabilities

MySQL CVE-2018-3182 Vulnerability (CVE-2018-3182)

Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-1980)

WordPress Plugin WTI Like Post Cross-Site Scripting (1.4.4)

WordPress Plugin Kish Guest Posting 'uploadify.php' Arbitrary File Upload (1.2)

WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.19)

Severity

Medium

Classification

CVE-2012-3829 CWE-200

Tags

Missing Update Known Vulnerabilities