Description

feedcreator.class.php (aka the syndication component) in Joomla! 1.0.7 allows remote attackers to obtain sensitive information via a "/" (slash) in the feed parameter to index.php, which reveals the path in an error message.

Remediation

References

CVE-2006-1027

Related Vulnerabilities

Nginx Out-of-bounds Write Vulnerability (CVE-2009-2629)

Oracle Application Server CVE-2008-0347 Vulnerability (CVE-2008-0347)

Joomla! Core 4.x.x Security Bypass (4.0.0 - 4.2.7)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-2572)

OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2022-3786)

Severity

Medium

Classification

CVE-2006-1027

Tags

Missing Update Known Vulnerabilities